lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <576CD58C.5020900@siemens.com>
Date:	Fri, 24 Jun 2016 08:39:08 +0200
From:	Jan Kiszka <jan.kiszka@...mens.com>
To:	Will Deacon <will.deacon@....com>
Cc:	Bjorn Helgaas <bhelgaas@...gle.com>, linux-pci@...r.kernel.org,
	Linux Kernel Mailing List <linux-kernel@...r.kernel.org>,
	linux-arm-kernel@...ts.infradead.org
Subject: Re: [PATCH] pci: Add support for unbinding the generic PCI host
 controller

On 2016-06-24 08:12, Will Deacon wrote:
> On Thu, Jun 23, 2016 at 07:31:34PM +0200, Jan Kiszka wrote:
>> On 2016-06-22 08:06, Will Deacon wrote:
>>> On Tue, Jun 21, 2016 at 08:07:50PM +0200, Jan Kiszka wrote:
>>>> diff --git a/drivers/pci/host/pci-host-common.c b/drivers/pci/host/pci-host-common.c
>>>> index 8cba7ab..c0ff4b1 100644
>>>> --- a/drivers/pci/host/pci-host-common.c
>>>> +++ b/drivers/pci/host/pci-host-common.c
>>>> @@ -164,6 +164,19 @@ int pci_host_common_probe(struct platform_device *pdev,
>>>>  	}
>>>>  
>>>>  	pci_bus_add_devices(bus);
>>>> +	platform_set_drvdata(pdev, bus);
>>>> +	return 0;
>>>> +}
>>>> +
>>>> +int pci_host_common_remove(struct platform_device *pdev)
>>>> +{
>>>> +	struct pci_bus *bus = platform_get_drvdata(pdev);
>>>> +
>>>> +	pci_lock_rescan_remove();
>>>> +	pci_stop_root_bus(bus);
>>>> +	pci_remove_root_bus(bus);
>>>> +	pci_unlock_rescan_remove();
>>>
>>> A couple of comments/questions about this:
>>>
>>>   - The probe path seems to have some stateful operations outside of PCI
>>>     resources. For example, kzalloc'ing the bus_range resource in
>>>     of_pci_get_host_bridge_resources. Do we need to clean these up
>>>     explicitly?
>>>
>>>   - Similarly, we don't seem to tear-down the config space mappings and
>>>     data structures for that, so we leak VA space afaict.
>>>
>>
>> Good points. But to my understanding, everything is released
>> automatically on pci_remove_root_bus because all the resources are
>> registered with the bus which takes care of them during destruction. And
>> if I trace the release, I find this e.g.
>>
>> ...
>> devres_release_all() {
>>   _raw_spin_lock_irqsave();
>>   release_nodes() {
>>     _raw_spin_unlock_irqrestore();
>>     devm_action_release() {
>>       gen_pci_unmap_cfg() {
> 
> Ah, thanks for investigating that -- I completely missed the explicit
> devm_ callback. That resolves my concern about the config space mappings,
> but I still don't understand what happens to the resources allocated
> in of_pci_get_host_bridge_resources. It looks like they should actually
> be freed within that function, since pci_add_resource{_offset} copy the
> resources into their own resource_entries anyway.
> 
> Am I missing something?

Tracing kmalloc and kfree in addition, it seems you are right. But then
we already have leaks in the code in case the setup fails somewhere in
the middle, no? gen_pci_init only releases the resource list on errors,
but not bus_range. And pci_host_common_probe does non of both if
pci_scan_root_bus fails. Anything else?

Jan

-- 
Siemens AG, Corporate Technology, CT RDA ITP SES-DE
Corporate Competence Center Embedded Linux

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ