lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <e40e8451-9672-4423-bcab-8e0cc6ff3624@icloud.com>
Date: Tue, 29 Oct 2024 23:22:44 +0800
From: Zijun Hu <zijun_hu@...oud.com>
To: Johan Hovold <johan@...nel.org>
Cc: Vinod Koul <vkoul@...nel.org>, Kishon Vijay Abraham I
 <kishon@...nel.org>, Felipe Balbi <balbi@...com>,
 Greg Kroah-Hartman <gregkh@...uxfoundation.org>,
 Rob Herring <robh@...nel.org>, Arnd Bergmann <arnd@...db.de>,
 Lee Jones <lee@...nel.org>, Lorenzo Pieralisi <lpieralisi@...nel.org>,
 Krzysztof Wilczyński <kw@...ux.com>,
 Bjorn Helgaas <bhelgaas@...gle.com>, "David S. Miller"
 <davem@...emloft.net>, Eric Dumazet <edumazet@...gle.com>,
 Jakub Kicinski <kuba@...nel.org>, Paolo Abeni <pabeni@...hat.com>,
 Christophe JAILLET <christophe.jaillet@...adoo.fr>, stable@...r.kernel.org,
 linux-phy@...ts.infradead.org, linux-kernel@...r.kernel.org,
 Zijun Hu <quic_zijuhu@...cinc.com>
Subject: Re: [PATCH v2 1/6] phy: core: Fix that API devm_phy_put() fails to
 release the phy

On 2024/10/29 21:40, Johan Hovold wrote:
> On Thu, Oct 24, 2024 at 10:39:26PM +0800, Zijun Hu wrote:
>> From: Zijun Hu <quic_zijuhu@...cinc.com>
>>
>> For devm_phy_put(), its comment says it needs to invoke phy_put() to
>> release the phy, but it does not invoke the function actually since
>> devres_destroy() will not call devm_phy_release() at all which will
>> call the function, and the missing phy_put() call will cause:
> 
> Please split the above up in at least two sentences to make it easier to
> parse. Split it after devm_phy_release() and rephrase the latter part
> (e.g. by dropping "at all which will call the function").
>  

thank you for code review.
will take your suggestions and send v2 (^^).

>> - The phy fails to be released.
>> - devm_phy_put() can not fully undo what API devm_phy_get() does.
>> - Leak refcount of both the module and device for below typical usage:
>>
>>   devm_phy_get(); // or its variant
>>   ...
>>   err = do_something();
>>   if (err)
>>       goto err_out;
>>   ...
>>   err_out:
>>   devm_phy_put();
>>
>>   The file(s) affected by this issue are shown below since they have such
>>   typical usage.
>>   drivers/pci/controller/cadence/pcie-cadence.c
>>   drivers/net/ethernet/ti/am65-cpsw-nuss.c
>>
>> Fixed by using devres_release() instead of devres_destroy() within the API
>>
>> Fixes: ff764963479a ("drivers: phy: add generic PHY framework")
>> Cc: stable@...r.kernel.org
>> Cc: Lorenzo Pieralisi <lpieralisi@...nel.org>
>> Cc: "Krzysztof Wilczyński" <kw@...ux.com>
>> Cc: Bjorn Helgaas <bhelgaas@...gle.com>
>> Cc: "David S. Miller" <davem@...emloft.net>
>> Cc: Eric Dumazet <edumazet@...gle.com>
>> Cc: Jakub Kicinski <kuba@...nel.org>
>> Cc: Paolo Abeni <pabeni@...hat.com>
>> Signed-off-by: Zijun Hu <quic_zijuhu@...cinc.com>
> 
> Diff itself looks good. Nice find.
> 
> Johan


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ