Re: [PATCH] of: Deep-copy names of platform devices

[Stepan Moskovchenko <stepanm@codeaurora.org>]

On 8/12/2014 9:12 AM, Kumar Gala wrote:
>
> On Aug 11, 2014, at 9:42 PM, Stepan Moskovchenko <stepanm@codeaurora.org> wrote:
>
>> When we parse the device tree and allocate platform
>> devices, the 'name' of the newly-created platform_device
>> is set to point to the 'name' field of the 'struct device'
>> embedded within the platform_device. This is dangerous,
>> because the name of the 'struct device' is dynamically
>> allocated. Drivers may call dev_set_name() on the device,
>> which will free and reallocate the name of the device,
>> leaving the 'name' of the platform_device pointing to the
>> now-freed memory.
>>
>> Furthermore, if the dev_set_name() call is made from a
>> driver's probe() function and a subsequent request results
>> in probe deferral, the dangling 'name' reference may lead
>> to the device being re-probed using the wrong driver.
>>
>> To mitigate these scenarios, we use kstrdup to perform a
>> deep copy of the device name when assigning the name of the
>> platform_device, so that the platform_device name is
>> unaffected by any calls to dev_set_name() that might made
>> by drivers to rename the embedded 'struct device'.
>>
>> Signed-off-by: Stepan Moskovchenko <stepanm@codeaurora.org>
>> ---
>> I suppose creating a 'pdev_set_name' API may seem like
>> another possibility, but I feel that dev.name and pdev.name
>> have two different meanings. One is used for device/driver
>> binding purposes, whereas the other serves a more general
>> identification purpose, and is used for things like sysfs.
>> Drivers might want to change dev.name while leaving the
>> pdev.name alone. I guess yet another possibility would be
>> to prohibit calling dev_set_name() on devices created from
>> device tree, but a driver does not necessarily know how a
>> given platform_device was allocated.
>>
>> drivers/of/device.c | 2 +-
>> 1 file changed, 1 insertion(+), 1 deletion(-)
>>
>> diff --git a/drivers/of/device.c b/drivers/of/device.c
>> index f685e55..fe5f025 100644
>> --- a/drivers/of/device.c
>> +++ b/drivers/of/device.c
>> @@ -54,7 +54,7 @@ int of_device_add(struct platform_device *ofdev)
>>
>> 	/* name and id have to be set so that the platform bus doesn't get
>> 	 * confused on matching */
>> -	ofdev->name = dev_name(&ofdev->dev);
>> +	ofdev->name = kstrdup(dev_name(&ofdev->dev), GFP_KERNEL);
>> 	ofdev->id = -1;
>>
>> 	/* device_add will assume that this device is on the same node as
>
> Don’t we need to free this is of_device_unregister() now?
>
> - k
>

Argh. I was confused by the asymmetric naming of the APIs, but after 
digging through the callers outside from drivers/of/, it looks like 
things do eventually filter down to of_device_add() in all the cases I 
could find. So yes, this does need to be fixed. Expect v2 soon.

Thanks
Steve

-- 
  The Qualcomm Innovation Center, Inc. is a member of Code Aurora Forum,
  hosted by The Linux Foundation