| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <aWg3ztytIYtkkDj-@redhat.com>
Date: Wed, 14 Jan 2026 19:41:50 -0500
From: Brian Masney <bmasney@...hat.com>
To: Haoxiang Li <lihaoxiang@...c.iscas.ac.cn>
Cc: mturquette@...libre.com, sboyd@...nel.org, linux-clk@...r.kernel.org,
linux-kernel@...r.kernel.org
Subject: Re: [PATCH] clk: st: clkgen-pll: Add a cleaup in
clkgen_c32_pll_setup()
Hi Haoxiang,
The subject has a typo: 'cleaup' should be 'cleanup'. Several notes
below.
On Wed, Jan 07, 2026 at 05:22:50PM +0800, Haoxiang Li wrote:
> Add a iounmap() to release the memory allocated by
> clkgen_get_register_base().
>
> Signed-off-by: Haoxiang Li <lihaoxiang@...c.iscas.ac.cn>
> ---
> drivers/clk/st/clkgen-pll.c | 7 +++++--
> 1 file changed, 5 insertions(+), 2 deletions(-)
>
> diff --git a/drivers/clk/st/clkgen-pll.c b/drivers/clk/st/clkgen-pll.c
> index c258ff87a171..cc1dd9523fb2 100644
> --- a/drivers/clk/st/clkgen-pll.c
> +++ b/drivers/clk/st/clkgen-pll.c
> @@ -777,7 +777,7 @@ static void __init clkgen_c32_pll_setup(struct device_node *np,
> clk = clkgen_pll_register(parent_name, datac->data, pll_base, pll_flags,
> np->name, datac->data->lock);
> if (IS_ERR(clk))
> - return;
> + goto err_unmap;
>
> pll_name = __clk_get_name(clk);
>
> @@ -785,7 +785,7 @@ static void __init clkgen_c32_pll_setup(struct device_node *np,
>
> clk_data = kzalloc(sizeof(*clk_data), GFP_KERNEL);
> if (!clk_data)
> - return;
> + goto err_unmap;
These look fine, along with the err_unmap below. It looks like there's
several other leaks in this code though.
> clk_data->clk_num = num_odfs;
> clk_data->clks = kcalloc(clk_data->clk_num, sizeof(struct clk *),
> @@ -827,6 +827,9 @@ static void __init clkgen_c32_pll_setup(struct device_node *np,
> kfree(pll_name);
^^^^^^^^^
I know this isn't part of your patch, however pll_name is actually the
return value from __clk_get_name(), which is name member from
struct device_node. Is that correct to free here in the case of an
error?
Additionaly, clkgen_pll_register() calls kzalloc() for struct
clkgen_pll, and it won't be freed on the error case.
In clkgen_c32_pll_setup():
> clk = clkgen_pll_register(parent_name, datac->data, pll_base, pll_flags,
> np->name, datac->data->lock);
> if (IS_ERR(clk))
> return;
>
> pll_name = __clk_get_name(clk);
>
> num_odfs = datac->data->num_odfs;
>
> clk_data = kzalloc(sizeof(*clk_data), GFP_KERNEL);
> if (!clk_data)
> return;
^^^ clk is not freed here, along with pll_base does not have
iounmap called on it.
Brian
Powered by blists - more mailing lists