[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20171229184522.GA3423@gaurav.jindal>
Date: Sat, 30 Dec 2017 00:15:22 +0530
From: gaurav jindal <gauravjindal1104@...il.com>
To: "Rafael J. Wysocki" <rafael@...nel.org>
Cc: "Rafael J. Wysocki" <rjw@...ysocki.net>,
Daniel Lezcano <daniel.lezcano@...aro.org>,
Linux PM <linux-pm@...r.kernel.org>,
Linux Kernel Mailing List <linux-kernel@...r.kernel.org>
Subject: Re: [PATCH]cpuidle: preventive check in cpuidle_select against crash
On Wed, Dec 27, 2017 at 03:30:02AM +0100, Rafael J. Wysocki wrote:
> On Wed, Dec 27, 2017 at 2:57 AM, gaurav jindal
> <gauravjindal1104@...il.com> wrote:
> > On Wed, Dec 27, 2017 at 01:42:58AM +0100, Rafael J. Wysocki wrote:
> >> On Tue, Dec 26, 2017 at 8:26 AM, gaurav jindal
> >> <gauravjindal1104@...il.com> wrote:
> >> > When selecting the idle state using cpuidle_select, there is no
> >> > check on cpuidle_curr_governor. In cpuidle_switch_governor,
> >> > cpuidle_currr_governor can be set to NULL to specify "disabled".
> >>
> >> How exactly?
> >
> > In cpuidle_switch_governor:
> >
> > /**
> > * cpuidle_switch_governor - changes the governor
> > * @gov: the new target governor
> > *
> > * NOTE: "gov" can be NULL to specify disabled
> > * Must be called with cpuidle_lock acquired.
> > */
> > int cpuidle_switch_governor(struct cpuidle_governor *gov)
> > {
> > struct cpuidle_device *dev;
> >
> > if (gov == cpuidle_curr_governor)
> > return 0;
> >
> > cpuidle_uninstall_idle_handler();
> >
> > if (cpuidle_curr_governor) {
> > list_for_each_entry(dev, &cpuidle_detected_devices, device_list)
> > cpuidle_disable_device(dev);
> > }
> >
> > cpuidle_curr_governor = gov;
> >
> > This allows to set the cpuidle_switch_governor as NULL. Although there is no
> > current code flow leading here, but it has a potential for bug in future. So
> > may be better to have prevention.
>
> Or maybe not.
>
> Why don't you make cpuidle_switch_governor() check the argument
> against NULL instead?
If we check gov (argument passed in cpuidle_switch_governor())against
NULL in cpuidle_switch_governor, can be a problem in a case where it
is called as
cpuidle_switch_governor(NULL);
If cpuidle_curr_governor is not NULL, first the device is disabled.
if (cpuidle_curr_governor) {
list_for_each_entry(dev, &cpuidle_detected_devices, device_list)
cpuidle_disable_device(dev);
}
after this cpuidle_curr_governor is set to gov, which is NULL in this case.
cpuidle_curr_governor = gov;
/* if is not updated by inserting a check, it will have an oudated value*/
Now, if gov is not NULL (which it is in this case), cpuidle device is enabled
if (gov) {
list_for_each_entry(dev, &cpuidle_detected_devices, device_list)
cpuidle_enable_device(dev);
cpuidle_install_idle_handler();
printk(KERN_INFO "cpuidle: using governor %s\n", gov->name);
}
If we check for gov against NULL in this function, it will produce
dangling pointers and resource leaks.
Powered by blists - more mailing lists