| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <172916216326.53359.1590082756395527593@njaxe.localdomain>
Date: Thu, 17 Oct 2024 12:49:23 +0200
From: Matteo Martelli <matteomartelli3@...il.com>
To: Sebastian Reichel <sebastian.reichel@...labora.com>
Cc: Jonathan Cameron <jic23@...nel.org>, Lars-Peter Clausen <lars@...afoo.de>, Michael Hennerich <Michael.Hennerich@...log.com>, Alisa-Dariana Roman <alisa.roman@...log.com>, Christian Eggers <ceggers@...i.de>, Peter Rosin <peda@...ntia.se>, Paul Cercueil <paul@...pouillou.net>, linux-iio@...r.kernel.org, linux-kernel@...r.kernel.org, linux-mips@...r.kernel.org, linux-pm@...r.kernel.org
Subject: Re: [PATCH v3 2/5] iio: consumers: copy/release available info from producer to fix race
Quoting Sebastian Reichel (2024-10-16 23:08:30)
> Hi,
>
> On Tue, Oct 15, 2024 at 01:06:35PM +0200, Matteo Martelli wrote:
> > Consumers need to call the producer's read_avail_release_resource()
> > callback after reading producer's available info. To avoid a race
> > condition with the producer unregistration, change inkern
> > iio_channel_read_avail() so that it copies the available info from the
> > producer and immediately calls its release callback with info_exists
> > locked.
> >
> > Also, modify the users of iio_read_avail_channel_raw() and
> > iio_read_avail_channel_attribute() to free the copied available buffers
> > after calling these functions.
> >
> > Signed-off-by: Matteo Martelli <matteomartelli3@...il.com>
> > ---
> > diff --git a/drivers/power/supply/ingenic-battery.c b/drivers/power/supply/ingenic-battery.c
> > index 0a40f425c27723ccec49985b8b5e14a737b6a7eb..3db000d9fff9a7a6819631314547b3d16db7f967 100644
> > --- a/drivers/power/supply/ingenic-battery.c
> > +++ b/drivers/power/supply/ingenic-battery.c
> > @@ -12,6 +12,7 @@
> > #include <linux/platform_device.h>
> > #include <linux/power_supply.h>
> > #include <linux/property.h>
> > +#include <linux/slab.h>
> >
> > struct ingenic_battery {
> > struct device *dev;
> > @@ -79,8 +80,10 @@ static int ingenic_battery_set_scale(struct ingenic_battery *bat)
> > dev_err(bat->dev, "Unable to read channel avail scale\n");
> > return ret;
> > }
> > - if (ret != IIO_AVAIL_LIST || scale_type != IIO_VAL_FRACTIONAL_LOG2)
> > - return -EINVAL;
> > + if (ret != IIO_AVAIL_LIST || scale_type != IIO_VAL_FRACTIONAL_LOG2) {
> > + ret = -EINVAL;
> > + goto out;
> > + }
> >
> > max_mV = bat->info->voltage_max_design_uv / 1000;
> >
> > @@ -99,7 +102,8 @@ static int ingenic_battery_set_scale(struct ingenic_battery *bat)
> >
> > if (best_idx < 0) {
> > dev_err(bat->dev, "Unable to find matching voltage scale\n");
> > - return -EINVAL;
> > + ret = -EINVAL;
> > + goto out;
> > }
> >
> > /* Only set scale if there is more than one (fractional) entry */
> > @@ -109,10 +113,13 @@ static int ingenic_battery_set_scale(struct ingenic_battery *bat)
> > scale_raw[best_idx + 1],
> > IIO_CHAN_INFO_SCALE);
> > if (ret)
> > - return ret;
> > + goto out;
> > }
> >
> > - return 0;
> > + ret = 0;
> > +out:
> > + kfree(scale_raw);
> > + return ret;
> > }
> >
> > static enum power_supply_property ingenic_battery_properties[] = {
>
> It should be enough to declare scale_raw like this at the beginning
> of the function and otherwise keep it as is when you include
> <linux/cleanup.h>:
>
> const int *scale_raw __free(kfree) = NULL;
Nice! I wasn't aware of it, thanks! I'll try it and submit it in next version.
I think that also fits for the similar usage in iio_channel_read_min() and
iio_channel_read_max() as well.
>
> Greetings,
>
> -- Sebastian
Thanks,
Matteo Martelli
Powered by blists - more mailing lists