lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <15123ef6-1a36-4b3e-ba4e-9ac5d92c8158@samsung.com>
Date: Mon, 5 Jan 2026 11:50:40 +0100
From: Michal Wilczynski <m.wilczynski@...sung.com>
To: Kari Argillander <kari.argillander@...il.com>,
	Uwe Kleine-König <ukleinek@...nel.org>, Miguel Ojeda
	<ojeda@...nel.org>, Boqun Feng <boqun.feng@...il.com>, Gary Guo
	<gary@...yguo.net>, Björn Roy Baron
	<bjorn3_gh@...tonmail.com>, Benno Lossin <lossin@...nel.org>, Andreas
	Hindborg <a.hindborg@...nel.org>, Alice Ryhl <aliceryhl@...gle.com>, Trevor
	Gross <tmgross@...ch.edu>, Danilo Krummrich <dakr@...nel.org>
Cc: linux-pwm@...r.kernel.org, rust-for-linux@...r.kernel.org,
	linux-kernel@...r.kernel.org
Subject: Re: [PATCH v2 1/2] rust: pwm: Fix potential memory leak on init
 error


Hi,
On 1/2/26 08:51, Kari Argillander wrote:
> When initializing a PWM chip using pwmchip_alloc(), the allocated device
> owns an initial reference that must be released on all error paths.
> 
> If __pinned_init() were to fail, the allocated pwm_chip would currently
> leak because the error path returns without calling pwmchip_put().
> 
> Fixes: 7b3dce814a15 ("rust: pwm: Add Kconfig and basic data structures")
> Signed-off-by: Kari Argillander <kari.argillander@...il.com>
> ---
>  rust/kernel/pwm.rs | 6 +++++-
>  1 file changed, 5 insertions(+), 1 deletion(-)
> 
> diff --git a/rust/kernel/pwm.rs b/rust/kernel/pwm.rs
> index 2dd72a39acb5..4f683158fc08 100644
> --- a/rust/kernel/pwm.rs
> +++ b/rust/kernel/pwm.rs
> @@ -607,7 +607,11 @@ pub fn new<'a>(
>          let drvdata_ptr = unsafe { bindings::pwmchip_get_drvdata(c_chip_ptr) };
>  
>          // SAFETY: We construct the `T` object in-place in the allocated private memory.
> -        unsafe { data.__pinned_init(drvdata_ptr.cast())? };
> +        unsafe { data.__pinned_init(drvdata_ptr.cast()) }.inspect_err(|_| {
> +            // SAFETY: It is safe to call `pwmchip_put()` with a valid pointer obtained
> +            // from `pwmchip_alloc()`. We will not use pointer after this.
> +            unsafe { bindings::pwmchip_put(c_chip_ptr) }
> +        })?;
>  
>          // SAFETY: `c_chip_ptr` points to a valid chip.
>          unsafe {
> 

Thank you for your patch, sorry for late reply due to holiday season. I
think the patch is good and the Fixes tag is appropriate, as this logic
should have been there in the first place regardless of whether the
pinned init can fail currently or not.

The v2 is fairly similar to what happens with drm device in device.rs
and I think it's more appropriate than v1.

Acked-by: Michal Wilczynski <m.wilczynski@...sung.com>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ