lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date: Tue, 25 Jun 2024 10:07:09 +0200
From: Herve Codina <herve.codina@...tlin.com>
To: Luca Ceresoli <luca.ceresoli@...tlin.com>
Cc: Pavel Machek <pavel@....cz>, Lee Jones <lee@...nel.org>, Miaoqian Lin
 <linmq006@...il.com>, Hans de Goede <hdegoede@...hat.com>, Thomas Petazzoni
 <thomas.petazzoni@...tlin.com>, linux-leds@...r.kernel.org,
 linux-kernel@...r.kernel.org
Subject: Re: [PATCH] Revert "leds: led-core: Fix refcount leak in
 of_led_get()"

Hi Luca,

On Tue, 25 Jun 2024 09:26:52 +0200
Luca Ceresoli <luca.ceresoli@...tlin.com> wrote:

> This reverts commit da1afe8e6099980fe1e2fd7436dca284af9d3f29.
> 
> Commit 699a8c7c4bd3 ("leds: Add of_led_get() and led_put()"), introduced in
> 5.5, added of_led_get() and led_put() but missed a put_device() in
> led_put(), thus creating a leak in case the consumer device is removed.
> 
> Arguably device removal was not very popular, so this went apparently
> unnoticed until 2022. In January 2023 two different patches got merged to
> fix the same bug:
> 
>  - commit da1afe8e6099 ("leds: led-core: Fix refcount leak in of_led_get()")
>  - commit 445110941eb9 ("leds: led-class: Add missing put_device() to led_put()")
> 
> They fix the bug in two different ways, which creates no patch conflicts,
> and both were merged in v6.2. The result is that now there is one more
> put_device() than get_device()s, instead of one less.
> 
> Arguably device removal is not very popular yet, so this apparently hasn't
> been noticed as well up to now. But it blew up here while I'm working with
> device tree overlay insertion and removal. The symptom is an apparently
> unrelated list of oopses on device removal, with reasons:
> 
>   kernfs: can not remove 'uevent', no directory
>   kernfs: can not remove 'brightness', no directory
>   kernfs: can not remove 'max_brightness', no directory
>   ...
> 
> Here sysfs fails removing attribute files, which is because the device name
> changed and so the sysfs path. This is because the device name string got
> corrupted, which is because it got freed too early and its memory reused.
> 
> Different symptoms could appear in different use cases.
> 
> Fix by removing one of the two fixes.
> 
> The choice was to remove commit da1afe8e6099 because:
> 
>  * it is calling put_device() inside of_led_get() just after getting the
>    device, thus it is basically not refcounting the LED device at all
>    during its entire lifetime
>  * it does not add a corresponding put_device() in led_get(), so it fixes
>    only the OF case
> 
> The other fix (445110941eb9) is adding the put_device() in led_put() so it
> covers the entire lifetime, and it works even in the non-DT case.
> 
> Fixes: da1afe8e6099 ("leds: led-core: Fix refcount leak in of_led_get()")
> Co-developed-by: Hervé Codina <herve.codina@...tlin.com>
> Signed-off-by: Luca Ceresoli <luca.ceresoli@...tlin.com>

As there is a Co-developer, you have to add his/her Signed-off-by:
https://elixir.bootlin.com/linux/v6.10-rc5/source/Documentation/process/submitting-patches.rst#L494

So feel free to:
  a) Add Signed-off-by: Hervé Codina <herve.codina@...tlin.com>
or
  b) Remove Co-developed-by: Hervé Codina <herve.codina@...tlin.com>

Even if I participate in that fix, I will not be upset if you remove the
Co-developed-by :)

Best regards,
Hervé

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ