lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <aW5M4SoEtLfQ4tC2@bogus>
Date: Mon, 19 Jan 2026 15:25:21 +0000
From: Sudeep Holla <sudeep.holla@....com>
To: Dan Carpenter <dan.carpenter@...aro.org>
Cc: Felix Gu <gu_0233@...com>, Cristian Marussi <cristian.marussi@....com>,
	arm-scmi@...r.kernel.org, linux-arm-kernel@...ts.infradead.org,
	Sudeep Holla <sudeep.holla@....com>, linux-kernel@...r.kernel.org
Subject: Re: [PATCH] firmware: arm_scpi: Fix a reference leak on device node

On Sun, Jan 18, 2026 at 10:15:37PM +0300, Dan Carpenter wrote:
> On Fri, Jan 16, 2026 at 08:54:39PM +0800, Felix Gu wrote:
> > When calling of_parse_phandle_with_args(), the caller is responsible
> > to call of_node_put() to release the reference of device node.
> > In scpi_dev_domain_id, it does not release the reference.
> > 
> > Fixes: 45ca7df7c345 ("firmware: arm_scpi: add support to populate OPPs and get transition latency")
> > 
> 
> nit: delete the blank line after the Fixes tag.
> 
> > Signed-off-by: Felix Gu <gu_0233@...com>
> 
> Did you find this issue just by reviewing the code?  I read the comments
> and then looked at a sample of four other callers and none of them
> called of_node_put().  So it's a weird thing.  If this is really the rule
> then we should have a static checker heuristic to enforce it.
> 

I agree. I see bit of inconsistency at call sites especially in SC{P,M}I
related modules I maintain. It seem to me based on the description at
of_parse_phandle_with_args() definition and various other call sites as
examples, we need to have of_node_put(). That said, I don't have any easier
way to validate these, so I am happy for any reviews and recommendations.

-- 
Regards,
Sudeep

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ