Re: [PATCH] net: ethernet: bgmac-platform: fix an OF node reference leak

All of lore.kernel.org
 help / color / mirror / Atom feed

From: Simon Horman <horms@kernel.org>
To: Joe Hattori <joe@pf.is.s.u-tokyo.ac.jp>
Cc: rafal@milecki.pl, andrew+netdev@lunn.ch, davem@davemloft.net,
	edumazet@google.com, kuba@kernel.org, pabeni@redhat.com,
	bcm-kernel-feedback-list@broadcom.com, netdev@vger.kernel.org
Subject: Re: [PATCH] net: ethernet: bgmac-platform: fix an OF node reference leak
Date: Fri, 13 Dec 2024 10:55:08 +0000	[thread overview]
Message-ID: <20241213105508.GL2110@kernel.org> (raw)
In-Reply-To: <20241212023256.3453396-1-joe@pf.is.s.u-tokyo.ac.jp>

On Thu, Dec 12, 2024 at 11:32:56AM +0900, Joe Hattori wrote:
> The OF node obtained by of_parse_phandle() is not freed. Define a
> device node with __free(device_node) to fix the leak.
> 
> This bug was found by an experimental static analysis tool that I am
> developing.
> 
> Fixes: 1676aba5ef7e ("net: ethernet: bgmac: device tree phy enablement")
> Signed-off-by: Joe Hattori <joe@pf.is.s.u-tokyo.ac.jp>
> ---
>  drivers/net/ethernet/broadcom/bgmac-platform.c | 5 ++++-
>  1 file changed, 4 insertions(+), 1 deletion(-)
> 
> diff --git a/drivers/net/ethernet/broadcom/bgmac-platform.c b/drivers/net/ethernet/broadcom/bgmac-platform.c
> index ecce23cecbea..ca07a6d26590 100644
> --- a/drivers/net/ethernet/broadcom/bgmac-platform.c
> +++ b/drivers/net/ethernet/broadcom/bgmac-platform.c
> @@ -236,7 +236,10 @@ static int bgmac_probe(struct platform_device *pdev)
>  	bgmac->cco_ctl_maskset = platform_bgmac_cco_ctl_maskset;
>  	bgmac->get_bus_clock = platform_bgmac_get_bus_clock;
>  	bgmac->cmn_maskset32 = platform_bgmac_cmn_maskset32;
> -	if (of_parse_phandle(np, "phy-handle", 0)) {
> +
> +	struct device_node *phy_node __free(device_node) =
> +		of_parse_phandle(np, "phy-handle", 0);
> +	if (phy_node) {
>  		bgmac->phy_connect = platform_phy_connect;
>  	} else {
>  		bgmac->phy_connect = bgmac_phy_connect_direct;

Hi Joe,

I agree this is a problem and that it was introduced by the
cited commit. But I wonder if we can consider a different approach.

I would suggest that rather than using __free the node is explicitly
released. Something like this (untested):

	struct device_node *phy_node;

	...

	phy_node = of_parse_phandle(np, "phy-handle", 0);
	if (phy_node) {
		of_node_put(phy_node);
		bgmac->phy_connect = platform_phy_connect;
	} ...

That is, assuming that it is safe to release phy_node so early.
If not, some adjustment should be made to when of_node_put()
is called.

This is for several reasons;

1. I could be wrong, but I believe your patch kfree's phy_node,
   but my understanding is that correct operation is to call
   of_node_put().

2. More importantly, there is a preference in Newkorking code
   not to use __free and similar constructs.

     "Low level cleanup constructs (such as __free()) can be used when
      building APIs and helpers, especially scoped iterators. However,
      direct use of __free() within networking core and drivers is
      discouraged. Similar guidance applies to declaring variables
      mid-function.

     Link: https://docs.kernel.org/process/maintainer-netdev.html#using-device-managed-and-cleanup-h-constructs

3. As per the end of the quote above, there is a preference to declare all
   local variables at the top of the function (ideally, in reverse xmas
   tree order [*})

   [*] https://docs.kernel.org/process/maintainer-netdev.html#local-variable-ordering-reverse-xmas-tree-rcs

-- 
pw-bot: changes-requested

next prev parent reply	other threads:[~2024-12-13 10:55 UTC|newest]

Thread overview: 4+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2024-12-12  2:32 [PATCH] net: ethernet: bgmac-platform: fix an OF node reference leak Joe Hattori
2024-12-13 10:55 ` Simon Horman [this message]
2024-12-13 12:04   ` Andrew Lunn
2024-12-13 13:29     ` Simon Horman

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20241213105508.GL2110@kernel.org \
    --to=horms@kernel.org \
    --cc=andrew+netdev@lunn.ch \
    --cc=bcm-kernel-feedback-list@broadcom.com \
    --cc=davem@davemloft.net \
    --cc=edumazet@google.com \
    --cc=joe@pf.is.s.u-tokyo.ac.jp \
    --cc=kuba@kernel.org \
    --cc=netdev@vger.kernel.org \
    --cc=pabeni@redhat.com \
    --cc=rafal@milecki.pl \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.