lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <YCL67QzPiyRhhbor@google.com>
Date:   Tue, 9 Feb 2021 13:13:17 -0800
From:   Minchan Kim <minchan@...nel.org>
To:     John Hubbard <jhubbard@...dia.com>
Cc:     Greg KH <gregkh@...uxfoundation.org>,
        Andrew Morton <akpm@...ux-foundation.org>,
        linux-mm <linux-mm@...ck.org>,
        LKML <linux-kernel@...r.kernel.org>, surenb@...gle.com,
        joaodias@...gle.com, willy@...radead.org
Subject: Re: [PATCH v2] mm: cma: support sysfs

On Tue, Feb 09, 2021 at 12:11:20PM -0800, John Hubbard wrote:
> On 2/9/21 9:49 AM, Greg KH wrote:
> > > > That's fine if you want to add it to the parent.  If so, then the
> > > > kobject controls the lifetime of the structure, nothing else can.
> > > 
> > > The problem was parent object(i.e., struct cma cma_areas) is
> > > static arrary so kobj->release function will be NULL or just
> > > dummy. Is it okay? I thought it was one of the what you wanted
> > > to avoid it.
> > 
> > No, that is not ok.
> > 
> > > > Either is fine with me, what is "forbidden" is having a kobject and
> > > > somehow thinking that it does not control the lifetime of the structure.
> > > 
> > > Since parent object is static arrary, there is no need to control the
> > > lifetime so I am curious if parent object approach is okay from kobject
> > > handling point of view.
> > 
> > So the array is _NEVER_ freed?  If not, fine, don't provide a release
> > function for the kobject, but ick, just make a dynamic kobject I don't
> > see the problem for something so tiny and not very many...
> > 
> 
> Yeah, I wasn't trying to generate so much discussion, I initially thought it
> would be a minor comment: "just use an embedded struct and avoid some extra
> code", at first.
> 
> > I worry that any static kobject might be copied/pasted as someone might
> > think this is an ok thing to do.  And it's not an ok thing to do.
> > 
> 
> Overall, then, we're seeing that there is a small design hole: in order
> to use sysfs most naturally, you either much provide a dynamically allocated
> item for it, or you must use the static kobject, and the second one sets a
> bad example.
> 
> I think we should just use a static kobject, with a cautionary comment to
> would-be copy-pasters, that explains the design constraints above. That way,
> we still get a nice, less-code implementation, a safe design, and it only
> really costs us a single carefully written comment.
> 
> thanks,

Agreed. How about this for the warning part?

+
+/*
+ * note: kobj_type should provide a release function to free dynamically
+ * allocated object since kobject is responsible for controlling lifespan
+ * of the object. However, cma_area is static object so technially, it
+ * doesn't need release function. It's very exceptional case so pleaes
+ * do not follow this model.
+ */
 static struct kobj_type cma_ktype = {
        .sysfs_ops = &kobj_sysfs_ops,
        .default_groups = cma_groups
+       .release = NULL, /* do not follow. See above */
 };

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ