lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <e06d1c0f-f60d-fc23-cd74-82f557dbc432@web.de>
Date:   Sun, 22 Apr 2018 12:30:25 +0200
From:   Jan Kiszka <jan.kiszka@....de>
To:     Rob Herring <robh+dt@...nel.org>,
        Frank Rowand <frowand.list@...il.com>
Cc:     Pantelis Antoniou <pantelis.antoniou@...sulko.com>,
        Pantelis Antoniou <panto@...oniou-consulting.com>,
        devicetree@...r.kernel.org,
        "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
        Geert Uytterhoeven <geert@...ux-m68k.org>,
        Laurent Pinchart <laurent.pinchart+renesas@...asonboard.com>,
        Jailhouse <jailhouse-dev@...glegroups.com>
Subject: Re: [PATCH v7 2/5] of: change overlay apply input data from
 unflattened to FDT

On 2018-04-11 07:42, Jan Kiszka wrote:
> On 2018-04-05 23:12, Rob Herring wrote:
>> On Thu, Apr 5, 2018 at 2:28 PM, Frank Rowand <frowand.list@...il.com> wrote:
>>> On 04/05/18 12:13, Jan Kiszka wrote:
>>>> On 2018-04-05 20:59, Frank Rowand wrote:
>>>>> Hi Jan,
>>>>>
>>>>> On 04/04/18 15:35, Jan Kiszka wrote:
>>>>>> Hi Frank,
>>>>>>
>>>>>> On 2018-03-04 01:17, frowand.list@...il.com wrote:
>>>>>>> From: Frank Rowand <frank.rowand@...y.com>
>>>>>>>
>>>>>>> Move duplicating and unflattening of an overlay flattened devicetree
>>>>>>> (FDT) into the overlay application code.  To accomplish this,
>>>>>>> of_overlay_apply() is replaced by of_overlay_fdt_apply().
>>>>>>>
>>>>>>> The copy of the FDT (aka "duplicate FDT") now belongs to devicetree
>>>>>>> code, which is thus responsible for freeing the duplicate FDT.  The
>>>>>>> caller of of_overlay_fdt_apply() remains responsible for freeing the
>>>>>>> original FDT.
>>>>>>>
>>>>>>> The unflattened devicetree now belongs to devicetree code, which is
>>>>>>> thus responsible for freeing the unflattened devicetree.
>>>>>>>
>>>>>>> These ownership changes prevent early freeing of the duplicated FDT
>>>>>>> or the unflattened devicetree, which could result in use after free
>>>>>>> errors.
>>>>>>>
>>>>>>> of_overlay_fdt_apply() is a private function for the anticipated
>>>>>>> overlay loader.
>>>>>>
>>>>>> We are using of_fdt_unflatten_tree + of_overlay_apply in the
>>>>>> (out-of-tree) Jailhouse loader driver in order to register a virtual
>>>>>> device during hypervisor activation with Linux. The DT overlay is
>>>>>> created from a a template but modified prior to application to account
>>>>>> for runtime-specific parameters. See [1] for the current implementation.
>>>>>>
>>>>>> I'm now wondering how to model that scenario best with the new API.
>>>>>> Given that the loader lost ownership of the unflattened tree but the
>>>>>> modification API exist only for the that DT state, I'm not yet seeing a
>>>>>> clear solution. Should we apply the template in disabled form (status =
>>>>>> "disabled"), modify it, and then activate it while it is already applied?
>>>>>
>>>>> Thank you for the pointer to the driver - that makes it much easier to
>>>>> understand the use case and consider solutions.
>>>>>
>>>>> If you can make the changes directly on the FDT instead of on the
>>>>> expanded devicetree, then you could move to the new API.
>>>>
>>>> Are there some examples/references on how to edit FDTs in-place in the
>>>> kernel? I'd like to avoid writing the n-th FDT parser/generator.
>>>
>>> I don't know of any existing in-kernel edits of the FDT (but they might
>>> exist).  The functions to access an FDT are in libfdt, which is in
>>> scripts/dtc/libfdt/.
>>
>> Let's please not go down that route of doing FDT modifications. There
>> is little reason to other than for early boot changes. And it is much
>> easier to work on unflattened trees.
> 
> I just briefly looked into libfdt, and it would have meant building it
> into the module as there are no library functions exported by the kernel
> either. Another reason to drop that.
> 
> What's apparently working now is the pattern I initially suggested:
> Register template with status = "disabled" as overlay, then prepare and
> apply changeset that contains all needed modifications and sets the
> status to "ok". I might be leaking additional resources, but to find
> that out, I will now finally have to resolve clean unbinding of the
> generic PCI host controller [1] first.

static void free_overlay_changeset(struct overlay_changeset *ovcs)
{
	[...]
	/*
	 * TODO
	 *
	 * would like to: kfree(ovcs->overlay_tree);
	 * but can not since drivers may have pointers into this data
	 *
	 * would like to: kfree(ovcs->fdt);
	 * but can not since drivers may have pointers into this data
	 */

	kfree(ovcs);
}

What's this? I have kmemleak now jumping at me over this. Who is suppose
to plug these leaks? The caller of of_overlay_fdt_apply has no pointers
to those objects. I would say that's a regression of the new API.

Jan

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ