| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <df193ddb-4591-417d-8d62-42d99d6d468f@intel.com> Date: Wed, 3 Dec 2025 09:45:19 +0100 From: Przemek Kitszel <przemyslaw.kitszel@...el.com> To: ally heev <allyheev@...il.com>, Tony Nguyen <anthony.l.nguyen@...el.com>, Jakub Kicinski <kuba@...nel.org>, Paolo Abeni <pabeni@...hat.com> CC: <intel-wired-lan@...ts.osuosl.org>, <netdev@...r.kernel.org>, <linux-kernel@...r.kernel.org>, Dan Carpenter <dan.carpenter@...aro.org>, Andrew Lunn <andrew+netdev@...n.ch>, "David S. Miller" <davem@...emloft.net>, Eric Dumazet <edumazet@...gle.com>, Alexander Lobakin <aleksander.lobakin@...el.com>, Simon Horman <horms@...nel.org> Subject: Re: [Intel-wired-lan] [RFT net-next PATCH RESEND 0/2] ethernet: intel: fix freeing uninitialized pointers with __free On 12/3/25 09:09, ally heev wrote: > On Tue, 2025-12-02 at 10:17 -0800, Tony Nguyen wrote: >> >> On 12/2/2025 11:47 AM, ally heev wrote: >>> On Mon, 2025-12-01 at 13:40 -0800, Tony Nguyen wrote: >>>> >>>> On 11/23/2025 11:40 PM, Ally Heev wrote: >>>>> Uninitialized pointers with `__free` attribute can cause undefined >>>>> behavior as the memory assigned randomly to the pointer is freed >>>>> automatically when the pointer goes out of scope. >>>>> >>>>> We could just fix it by initializing the pointer to NULL, but, as usage of >>>>> cleanup attributes is discouraged in net [1], trying to achieve cleanup >>>>> using goto >>>> >>>> These two drivers already have multiple other usages of this. All the >>>> other instances initialize to NULL; I'd prefer to see this do the same >>>> over changing this single instance. >>>> >>> >>> Other usages are slightly complicated to be refactored and might need >>> good testing. Do you want me to do it in a different series? >> >> Hi Ally, >> >> Sorry, I think I was unclear. I'd prefer these two initialized to NULL, >> to match the other usages, over removing the __free() from them. > > I had a patch for that already, but, isn't using __free discouraged in > networking drivers [1]? Simon was against it [2] you see, the construct is discouraged, so we don't use it everywhere, but cleaning up just a little would not change the state of the matter (IOW we will still be in "driver has some __free() usage" state). TBH, I would not spent my time "undoing" all of the __free() that we have already, especially the testing part sounds not fun. Turning all usage points to "= NULL" is orthogonal, and would be great. > > [2] https://lore.kernel.org/all/aQ9xp9pchMwml30P@horms.kernel.org/ > [1] https://docs.kernel.org/process/maintainer-netdev.html#using-device-managed-and-cleanup-h-constructs > > Regards, > Ally >
Powered by blists - more mailing lists