From: Dmitry Torokhov <dmitry.torokhov@gmail.com>
To: Andy Shevchenko <andriy.shevchenko@linux.intel.com>
Cc: Thomas Gleixner <tglx@kernel.org>, Ingo Molnar <mingo@redhat.com>,
Borislav Petkov <bp@alien8.de>,
Dave Hansen <dave.hansen@linux.intel.com>,
x86@kernel.org, Hans de Goede <hansg@kernel.org>,
Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
"Rafael J. Wysocki" <rafael@kernel.org>,
Danilo Krummrich <dakr@kernel.org>,
Daniel Scally <djrscally@gmail.com>,
Heikki Krogerus <heikki.krogerus@linux.intel.com>,
Sakari Ailus <sakari.ailus@linux.intel.com>,
linux-kernel@vger.kernel.org, linux-acpi@vger.kernel.org,
driver-core@lists.linux.dev
Subject: Re: [PATCH 3/4] software node: verify that property data is not on stack
Date: Wed, 25 Mar 2026 09:24:57 -0700 [thread overview]
Message-ID: <acQJiEAtM3LKxDBS@google.com> (raw)
In-Reply-To: <acPMJiZHmxvVYYte@ashevche-desk.local>
On Wed, Mar 25, 2026 at 01:51:02PM +0200, Andy Shevchenko wrote:
> On Tue, Mar 24, 2026 at 09:17:18AM -0700, Dmitry Torokhov wrote:
> > On Tue, Mar 24, 2026 at 02:33:31PM +0200, Andy Shevchenko wrote:
> > > On Mon, Mar 23, 2026 at 05:39:39PM -0700, Dmitry Torokhov wrote:
> > > > When registering a software node, ensure that the property data is not
> > > > located on the stack, as it is expected to persist for the lifetime of
> > > > the node.
>
> ...
>
> > > > +#include <linux/sched/task_stack.h>
> > >
> > > Looking at this name the use of it here doesn't sound right...
> >
> > Because ... ? object_is_on_stack() is defined there.
>
> Because it's defined there. The key word here I see is 'task' in the name of
> the header, without Ack from sched folks, I am not convinced we can use that at
> any point in the kernel.
It is fine to be used in drivers, and it is used in USB
(drivers/usb/core/hcd.c), SPI (drivers/spi/spi-mem.c) and others.
"task" is not magical, it simply refers to a process or a thread (user
or kernel). This particular macro just checks if the object is within
limits of stack area of currently executing thread.
>
> ...
>
> > > > + for (prop = node->properties; prop && prop->name; prop++) {
> > > > + if (!prop->is_inline && object_is_on_stack(prop->pointer)) {
> > > > + pr_err("%s: property data can't be on stack\n", __func__);
> > > > + return -EINVAL;
> > > > + }
> > > > + }
> > >
> > > And again same question, why we can't simply dup them as we do for (string)
> > > arrays?
> >
> > Because majority of users of software_node_register() deal with static
> > const properties so duping them is waste of memory.
>
> So, then why can't we do that for the references? Just then copy and free at
> software unregistration if required.
We do not want to copy and free because that would be waste of memory in
majority of cases where software_node_register() is used.
When dealing with other kinds of properties it is pretty obvious where
the objectr itself lives, but when using PROPERTY_ENTRY_REF() and
PROPERTY_ENTYR_GPIO() it is very easy to miss (I did! and I made them)
that the reference args object is on stack as it is hidden behind a
macro.
So it is just a safeguard warning us ahead of time instead of needing to
figure out why a driver can't find GPIO even through the reference looks
right.
Thanks.
--
Dmitry
next prev parent reply other threads:[~2026-03-25 16:25 UTC|newest]
Thread overview: 12+ messages / expand[flat|nested] mbox.gz Atom feed top
2026-03-24 0:39 [PATCH 0/4] Fix handling of GPIO keys and LEDs on geode Dmitry Torokhov
2026-03-24 0:39 ` [PATCH 1/4] x86/geode: fix on-stack property data usage Dmitry Torokhov
2026-03-24 0:39 ` [PATCH 2/4] software node: allow passing reference args to PROPERTY_ENTRY_REF Dmitry Torokhov
2026-03-24 12:30 ` Andy Shevchenko
2026-03-24 16:12 ` Dmitry Torokhov
2026-03-24 0:39 ` [PATCH 3/4] software node: verify that property data is not on stack Dmitry Torokhov
2026-03-24 12:33 ` Andy Shevchenko
2026-03-24 16:17 ` Dmitry Torokhov
2026-03-25 11:51 ` Andy Shevchenko
2026-03-25 16:24 ` Dmitry Torokhov [this message]
2026-03-26 11:19 ` Andy Shevchenko
2026-03-24 0:39 ` [PATCH 4/4] x86/geode: use PROPERTY_ENTRY_REF for GPIO properties Dmitry Torokhov
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=acQJiEAtM3LKxDBS@google.com \
--to=dmitry.torokhov@gmail.com \
--cc=andriy.shevchenko@linux.intel.com \
--cc=bp@alien8.de \
--cc=dakr@kernel.org \
--cc=dave.hansen@linux.intel.com \
--cc=djrscally@gmail.com \
--cc=driver-core@lists.linux.dev \
--cc=gregkh@linuxfoundation.org \
--cc=hansg@kernel.org \
--cc=heikki.krogerus@linux.intel.com \
--cc=linux-acpi@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=mingo@redhat.com \
--cc=rafael@kernel.org \
--cc=sakari.ailus@linux.intel.com \
--cc=tglx@kernel.org \
--cc=x86@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.