lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Fri, 11 Apr 2008 08:50:27 +0200 From: Uwe Kleine-König <Uwe.Kleine-Koenig@...i.com> To: "Hans J. Koch" <hjk@...utronix.de> Cc: Greg Kroah-Hartman <gregkh@...e.de>, linux-kernel@...r.kernel.org Subject: Re: [PATCH 1/4] UIO: hold a reference to the device's owner while the device is open Hello, Hans J. Koch wrote: > On Thu, Apr 10, 2008 at 02:37:00PM +0200, Uwe Kleine-König wrote: > > Otherwise the device might just disappear while /dev/uioX is being used > > which results in an Oops. > > And I'd like to hear Greg's opinion: Do you agree we can omit > try_module_get() in uio_mmap()? As Greg already pointed out, mmap only works for open files and so the reference is already hold there. > > if (idev->info->open) { > > - if (!try_module_get(idev->owner)) > > - return -ENODEV; > > ret = idev->info->open(idev->info, inode); > > - module_put(idev->owner); > > - } > > + if (ret) { > > + kfree(listener); > > +err_alloc_listener: > > > > - if (ret) > > - kfree(listener); > > + module_put(idev->owner); > > +err_module_get: > > > > - return ret; > > + return ret; > > + } > > + } > > + > > + return 0; > > } > > I really don't like these labels inside the if-block. I find it hard to > read. What about this: > > > if (idev->info->open) { > ret = idev->info->open(idev->info, inode); > if (ret) > kfree(listener); > return ret; > } > > err_alloc_listener: > module_put(idev->owner); > err_module_get: > return ret; With that you leak a reference to idev->owner if idev->info->open() fails. Things like that don't happen that easy if all error handing is in one place. > The label err_module_get should probably be omitted because it's used only > once and has just one line of code. You could simply write "return ret" > instead of "goto err_module_get". This makes code shuffling easier. For example if someone decides that try_module_get should be done after allocating listener then you only have to exchange the two corresponding code blocks and the two groups (label + cleanup) in the error handling block. If the error handling is spread over the whole functions you can easily miss something---as happend above. :-) Best regards Uwe -- Uwe Kleine-König, Software Engineer Digi International GmbH Branch Breisach, Küferstrasse 8, 79206 Breisach, Germany Tax: 315/5781/0242 / VAT: DE153662976 / Reg. Amtsgericht Dortmund HRB 13962 -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists