Re: [PATCH v2 2/4] of: dynamic: add of_property_alloc() and of_property_free()

All of lore.kernel.org
 help / color / mirror / Atom feed

From: Tyrel Datwyler <tyreld@linux.ibm.com>
To: "Clément Léger" <clement.leger@bootlin.com>
Cc: David Hildenbrand <david@redhat.com>,
	Paul Mackerras <paulus@samba.org>,
	Thomas Petazzoni <thomas.petazzoni@bootlin.com>,
	Ohhoon Kwon <ohoono.kwon@samsung.com>,
	Frank Rowand <frowand.list@gmail.com>,
	Horatiu Vultur <horatiu.vultur@microchip.com>,
	Steen Hegelund <steen.hegelund@microchip.com>,
	Daniel Henrique Barboza <danielhb413@gmail.com>,
	YueHaibing <yuehaibing@huawei.com>,
	Bjorn Helgaas <helgaas@kernel.org>,
	Nathan Lynch <nathanl@linux.ibm.com>,
	devicetree@vger.kernel.org, Rob Herring <robh+dt@kernel.org>,
	Allan Nielsen <allan.nielsen@microchip.com>,
	Laurent Dufour <ldufour@linux.ibm.com>,
	David Gibson <david@gibson.dropbear.id.au>,
	linux-kernel@vger.kernel.org,
	"Aneesh Kumar K.V" <aneesh.kumar@linux.ibm.com>,
	Andrew Morton <akpm@linux-foundation.org>,
	linuxppc-dev@lists.ozlabs.org, Lizhi Hou <lizhi.hou@xilinx.com>
Subject: Re: [PATCH v2 2/4] of: dynamic: add of_property_alloc() and of_property_free()
Date: Thu, 2 Jun 2022 11:10:07 -0700	[thread overview]
Message-ID: <04d9e84f-dc35-55f1-efd5-81114a6784cf@linux.ibm.com> (raw)
In-Reply-To: <20220602085828.2138554a@fixe.home>

On 6/1/22 23:58, Clément Léger wrote:
> Le Wed, 1 Jun 2022 15:32:29 -0700,
> Tyrel Datwyler <tyreld@linux.ibm.com> a écrit :
> 
>>>  /**
>>> - * __of_prop_dup - Copy a property dynamically.
>>> - * @prop:	Property to copy
>>> + * of_property_free - Free a property allocated dynamically.
>>> + * @prop:	Property to be freed
>>> + */
>>> +void of_property_free(const struct property *prop)
>>> +{
>>> +	if (!of_property_check_flag(prop, OF_DYNAMIC))
>>> +		return;
>>> +  
>>
>> This looks wrong to me. From what I understand the value data is allocated as
>> trailing memory that is part of the property allocation itself. (ie. prop =
>> kzalloc(sizeof(*prop) + len, allocflags)). So, kfree(prop) should also take care
>> of the trailing value data. Calling kfree(prop->value) is bogus since
>> prop->value wasn't dynamically allocated on its own.
> 
> kfree(prop->value) is only called if the value is not the trailing data
> of the property so I don't see what is wrong there. In that case, only
> kfree(prop) is called.

Right, Rob clarified for me in the v1 patch.

> 
>>
>> Also, this condition will always fail. You explicitly set prop->value = prop + 1
>> in alloc.
> 
> The user that did allocated the property might want to provide its own
> "value". In that case, prop->value would be overwritten by the user
> allocated value and thus the check would be true, hence calling
> kfree(prop->value).

So, that was the part I was missing. I think a comment would be helpful so its
clear value can be either trailing or user assigned.

-Tyrel

> 
>>
>> Maybe I need to go back and look at v1 again.
>>
>> -Tyrel
>>
>>> +	if (prop->value != prop + 1)
>>> +		kfree(prop->value);
>>> +
>>> +	kfree(prop->name);
>>> +	kfree(prop);
>>> +}
>>> +EXPORT_SYMBOL(of_property_free);
>>> +
> 
>

WARNING: multiple messages have this Message-ID (diff)

From: Tyrel Datwyler <tyreld@linux.ibm.com>
To: "Clément Léger" <clement.leger@bootlin.com>
Cc: Michael Ellerman <mpe@ellerman.id.au>,
	Benjamin Herrenschmidt <benh@kernel.crashing.org>,
	Paul Mackerras <paulus@samba.org>,
	Rob Herring <robh+dt@kernel.org>,
	Frank Rowand <frowand.list@gmail.com>,
	Nathan Lynch <nathanl@linux.ibm.com>,
	Laurent Dufour <ldufour@linux.ibm.com>,
	Daniel Henrique Barboza <danielhb413@gmail.com>,
	David Gibson <david@gibson.dropbear.id.au>,
	Andrew Morton <akpm@linux-foundation.org>,
	David Hildenbrand <david@redhat.com>,
	Ohhoon Kwon <ohoono.kwon@samsung.com>,
	"Aneesh Kumar K.V" <aneesh.kumar@linux.ibm.com>,
	YueHaibing <yuehaibing@huawei.com>,
	devicetree@vger.kernel.org,
	Steen Hegelund <steen.hegelund@microchip.com>,
	linux-kernel@vger.kernel.org, Lizhi Hou <lizhi.hou@xilinx.com>,
	Allan Nielsen <allan.nielsen@microchip.com>,
	Thomas Petazzoni <thomas.petazzoni@bootlin.com>,
	Bjorn Helgaas <helgaas@kernel.org>,
	linuxppc-dev@lists.ozlabs.org,
	Horatiu Vultur <horatiu.vultur@microchip.com>
Subject: Re: [PATCH v2 2/4] of: dynamic: add of_property_alloc() and of_property_free()
Date: Thu, 2 Jun 2022 11:10:07 -0700	[thread overview]
Message-ID: <04d9e84f-dc35-55f1-efd5-81114a6784cf@linux.ibm.com> (raw)
In-Reply-To: <20220602085828.2138554a@fixe.home>

On 6/1/22 23:58, Clément Léger wrote:
> Le Wed, 1 Jun 2022 15:32:29 -0700,
> Tyrel Datwyler <tyreld@linux.ibm.com> a écrit :
> 
>>>  /**
>>> - * __of_prop_dup - Copy a property dynamically.
>>> - * @prop:	Property to copy
>>> + * of_property_free - Free a property allocated dynamically.
>>> + * @prop:	Property to be freed
>>> + */
>>> +void of_property_free(const struct property *prop)
>>> +{
>>> +	if (!of_property_check_flag(prop, OF_DYNAMIC))
>>> +		return;
>>> +  
>>
>> This looks wrong to me. From what I understand the value data is allocated as
>> trailing memory that is part of the property allocation itself. (ie. prop =
>> kzalloc(sizeof(*prop) + len, allocflags)). So, kfree(prop) should also take care
>> of the trailing value data. Calling kfree(prop->value) is bogus since
>> prop->value wasn't dynamically allocated on its own.
> 
> kfree(prop->value) is only called if the value is not the trailing data
> of the property so I don't see what is wrong there. In that case, only
> kfree(prop) is called.

Right, Rob clarified for me in the v1 patch.

> 
>>
>> Also, this condition will always fail. You explicitly set prop->value = prop + 1
>> in alloc.
> 
> The user that did allocated the property might want to provide its own
> "value". In that case, prop->value would be overwritten by the user
> allocated value and thus the check would be true, hence calling
> kfree(prop->value).

So, that was the part I was missing. I think a comment would be helpful so its
clear value can be either trailing or user assigned.

-Tyrel

> 
>>
>> Maybe I need to go back and look at v1 again.
>>
>> -Tyrel
>>
>>> +	if (prop->value != prop + 1)
>>> +		kfree(prop->value);
>>> +
>>> +	kfree(prop->name);
>>> +	kfree(prop);
>>> +}
>>> +EXPORT_SYMBOL(of_property_free);
>>> +
> 
>

next prev parent reply	other threads:[~2022-06-02 18:11 UTC|newest]

Thread overview: 22+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2022-06-01  8:17 [PATCH v2 0/4] of: add of_property_alloc/free() and of_node_alloc() Clément Léger
2022-06-01  8:17 ` Clément Léger
2022-06-01  8:17 ` [PATCH v2 1/4] of: constify of_property_check_flags() prop argument Clément Léger
2022-06-01  8:17   ` Clément Léger
2022-06-03 20:24   ` Rob Herring
2022-06-03 20:24     ` Rob Herring
2022-06-01  8:17 ` [PATCH v2 2/4] of: dynamic: add of_property_alloc() and of_property_free() Clément Léger
2022-06-01  8:17   ` Clément Léger
2022-06-01 22:32   ` Tyrel Datwyler
2022-06-01 22:32     ` Tyrel Datwyler
2022-06-02  6:58     ` Clément Léger
2022-06-02  6:58       ` Clément Léger
2022-06-02 18:10       ` Tyrel Datwyler [this message]
2022-06-02 18:10         ` Tyrel Datwyler
2022-06-01  8:18 ` [PATCH v2 3/4] of: dynamic: add of_node_alloc() Clément Léger
2022-06-01  8:18   ` Clément Léger
2022-06-01  8:18 ` [PATCH v2 4/4] powerpc/pseries: use of_property_alloc/free() and of_node_alloc() Clément Léger
2022-06-01  8:18   ` Clément Léger
2022-06-03 20:14   ` Rob Herring
2022-06-03 20:14     ` Rob Herring
2022-06-06  8:45     ` Clément Léger
2022-06-06  8:45       ` Clément Léger

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=04d9e84f-dc35-55f1-efd5-81114a6784cf@linux.ibm.com \
    --to=tyreld@linux.ibm.com \
    --cc=akpm@linux-foundation.org \
    --cc=allan.nielsen@microchip.com \
    --cc=aneesh.kumar@linux.ibm.com \
    --cc=clement.leger@bootlin.com \
    --cc=danielhb413@gmail.com \
    --cc=david@gibson.dropbear.id.au \
    --cc=david@redhat.com \
    --cc=devicetree@vger.kernel.org \
    --cc=frowand.list@gmail.com \
    --cc=helgaas@kernel.org \
    --cc=horatiu.vultur@microchip.com \
    --cc=ldufour@linux.ibm.com \
    --cc=linux-kernel@vger.kernel.org \
    --cc=linuxppc-dev@lists.ozlabs.org \
    --cc=lizhi.hou@xilinx.com \
    --cc=nathanl@linux.ibm.com \
    --cc=ohoono.kwon@samsung.com \
    --cc=paulus@samba.org \
    --cc=robh+dt@kernel.org \
    --cc=steen.hegelund@microchip.com \
    --cc=thomas.petazzoni@bootlin.com \
    --cc=yuehaibing@huawei.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.