lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20211227210951.imixgc6nob52cjwz@pengutronix.de>
Date:   Mon, 27 Dec 2021 22:09:51 +0100
From:   Uwe Kleine-König <u.kleine-koenig@...gutronix.de>
To:     Greg Kroah-Hartman <gregkh@...uxfoundation.org>
Cc:     Lars-Peter Clausen <lars@...afoo.de>,
        Ahmad Fatoum <a.fatoum@...gutronix.de>,
        linux-iio@...r.kernel.org, linux-kernel@...r.kernel.org,
        William Breathitt Gray <vilhelm.gray@...il.com>,
        kernel@...gutronix.de,
        Jonathan Cameron <Jonathan.Cameron@...wei.com>,
        Oleksij Rempel <linux@...pel-privat.de>
Subject: Re: [PATCH v2 16/23] counter: interrupt-cnt: Convert to new counter
 registration

On Mon, Dec 27, 2021 at 12:34:25PM +0100, Greg Kroah-Hartman wrote:
> On Mon, Dec 27, 2021 at 12:21:14PM +0100, Lars-Peter Clausen wrote:
> > On 12/27/21 11:59 AM, Greg Kroah-Hartman wrote:
> > > On Mon, Dec 27, 2021 at 10:45:19AM +0100, Uwe Kleine-König wrote:
> > > > This fixes device lifetime issues where it was possible to free a live
> > > > struct device.
> > > > 
> > > > Fixes: a55ebd47f21f ("counter: add IRQ or GPIO based counter")
> > > > Signed-off-by: Uwe Kleine-König <u.kleine-koenig@...gutronix.de>
> > > > ---
> > > >   drivers/counter/interrupt-cnt.c | 28 ++++++++++++++++------------
> > > >   1 file changed, 16 insertions(+), 12 deletions(-)
> > > > 
> > > > diff --git a/drivers/counter/interrupt-cnt.c b/drivers/counter/interrupt-cnt.c
> > > > index 4bf706ef46e2..9e99702470c2 100644
> > > > --- a/drivers/counter/interrupt-cnt.c
> > > > +++ b/drivers/counter/interrupt-cnt.c
> > > > @@ -16,7 +16,6 @@
> > > >   struct interrupt_cnt_priv {
> > > >   	atomic_t count;
> > > > -	struct counter_device counter;
> > > >   	struct gpio_desc *gpio;
> > > >   	int irq;
> > > >   	bool enabled;
> > > > @@ -148,12 +147,14 @@ static const struct counter_ops interrupt_cnt_ops = {
> > > >   static int interrupt_cnt_probe(struct platform_device *pdev)
> > > >   {
> > > >   	struct device *dev = &pdev->dev;
> > > > +	struct counter_device *counter;
> > > >   	struct interrupt_cnt_priv *priv;
> > > >   	int ret;
> > > > -	priv = devm_kzalloc(dev, sizeof(*priv), GFP_KERNEL);
> > > > -	if (!priv)
> > > > +	counter = devm_counter_alloc(dev, sizeof(*priv));
> > > I just picked one of these patches at random, nothing specific about
> > > this driver...
> > > 
> > > You can not have a 'struct device' in memory allocated by devm_*()
> > > functions for the obvious reason that now that memory is being
> > > controlled by a reference count that is OUTSIDE of the structure itself.
> > > 
> > > So while your goal might be good here, this is not the correct solution
> > > at all, sorry.
> > 
> > Before this patch the memory for the struct device was devm_kzalloc'ed.
> > Which as you point out is a bug.
> > 
> > After this patch the memory is reference counted and will be freed when the
> > last reference is dropped, in the release callback of the struct device.

@Lars, thanks for arguing for my case.
 
> > The alloc function is still a devm_ function, but on 'free' it will only
> > drop the reference to the struct device that it holds. This is a very common
> > pattern that is used by basically any driver subsystem in the kernel.
> 
> Then it is not a real devm_() call, let's not call it that please as it
> is obviously very confusing :)

It's only confusing if you consider the m in devm to stand for "malloc",
but it's for "managed". I agree to Lars that it's a sane approach.

> Just call it counter_alloc(), or , counter_create(), or something a bit
> more in line with the rest of all driver subsystems.

There is a counter_alloc() and in contrast to devm_counter_alloc() the
caller has to care about dropping the reference to it by hand.

Best regards
Uwe

-- 
Pengutronix e.K.                           | Uwe Kleine-König            |
Industrial Linux Solutions                 | https://www.pengutronix.de/ |

Download attachment "signature.asc" of type "application/pgp-signature" (489 bytes)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ