From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-2.2 required=3.0 tests=DKIMWL_WL_HIGH,DKIM_SIGNED, DKIM_VALID,HEADER_FROM_DIFFERENT_DOMAINS,MAILING_LIST_MULTI,SPF_HELO_NONE, SPF_PASS,URIBL_BLOCKED,USER_AGENT_SANE_1 autolearn=no autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 3D4D2C433DF for ; Thu, 11 Jun 2020 13:02:13 +0000 (UTC) Received: from bombadil.infradead.org (bombadil.infradead.org [198.137.202.133]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPS id 114DF2078D for ; Thu, 11 Jun 2020 13:02:13 +0000 (UTC) Authentication-Results: mail.kernel.org; dkim=pass (2048-bit key) header.d=lists.infradead.org header.i=@lists.infradead.org header.b="AzwgXgwN"; dkim=fail reason="signature verification failed" (2048-bit key) header.d=armlinux.org.uk header.i=@armlinux.org.uk header.b="zbTQNcFF" DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org 114DF2078D Authentication-Results: mail.kernel.org; dmarc=fail (p=none dis=none) header.from=armlinux.org.uk Authentication-Results: mail.kernel.org; spf=none smtp.mailfrom=linux-arm-kernel-bounces+infradead-linux-arm-kernel=archiver.kernel.org@lists.infradead.org DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20170209; h=Sender: Content-Transfer-Encoding:Content-Type:Cc:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:In-Reply-To:MIME-Version:References: Message-ID:Subject:To:From:Date:Reply-To:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: List-Owner; bh=wnlewLo/rPva71yojrbfThDtiLEuaDP28RrHzLkNSlo=; b=AzwgXgwNtUJAdn MFgjjty6F3hd0kAyyl8k+XL4qjz0HEEei+ApW2t+NngYgUWrrQIETX8bDyUQ7WAfFakta7S6PbChC pGGKYXBLxBfBt4AEqLgecqHw9VgrxapPTl7F9DB92hai1OCFD/wkhQ9dxtslYpEctHrnR6VRjvjUe OcikZKYe3ZXWFWELwubPsyhdLsuEIimbXuMiO+Q/32BVTbG5yL1AQyCzonqsRQajsj8C2zLhN48qU pn9muQMuNBmFTCrb9WFKRMd7W/+UUheVjLOhreb+Hs5vXCc5S+yRk84C8wfjdaMAmxvdpx8kJhr84 RZH9TwVxNEuA94V7mHug==; Received: from localhost ([127.0.0.1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.92.3 #3 (Red Hat Linux)) id 1jjMqS-0006Uw-KM; Thu, 11 Jun 2020 13:02:12 +0000 Received: from pandora.armlinux.org.uk ([2001:4d48:ad52:32c8:214:fdff:fe10:1be6]) by bombadil.infradead.org with esmtps (Exim 4.92.3 #3 (Red Hat Linux)) id 1jjMqP-0006TX-OY for linux-arm-kernel@lists.infradead.org; Thu, 11 Jun 2020 13:02:11 +0000 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=armlinux.org.uk; s=pandora-2019; h=Sender:In-Reply-To:Content-Type: MIME-Version:References:Message-ID:Subject:Cc:To:From:Date:Reply-To: Content-Transfer-Encoding:Content-ID:Content-Description:Resent-Date: Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Id: List-Help:List-Unsubscribe:List-Subscribe:List-Post:List-Owner:List-Archive; bh=Mm9uMdNawpFPJoq8ynao2bprQnAwV8DjFqswfPl3MNA=; b=zbTQNcFFife0uuSsUHv4zaHTR 1gVp+mpRzzMcIpR9ybbXAX+tLR7msD4VuwW2OATlojjoyKYhpICFUgCpeMoWIP9dAg+g/LtN1xPB6 6BKuNn4p8x+JnU4yP9fX5Pu/Ifhpt60iaB3pbeZ9/zOEujVR9WBXaGMvGpV8uHiDtf7H//zO4nx4T ya5NdSzcqHtxAfFq9F9xJRNLy8I2DsRPIraNYn3Tp3rG0uRCzmSCw6ll9mayVOOESOz9SXhnKygU1 hcF2wTdxbhVkJr9oQ53ZKFI9nhRwdejNtaEu354ALuz5jAdZkHMTA6YIi+LuuNDbYVtY2vMeeYI2x kXn2d37ng==; Received: from shell.armlinux.org.uk ([fd8f:7570:feb6:1:5054:ff:fe00:4ec]:44194) by pandora.armlinux.org.uk with esmtpsa (TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256) (Exim 4.90_1) (envelope-from ) id 1jjMq4-0000GN-8F; Thu, 11 Jun 2020 14:01:48 +0100 Received: from linux by shell.armlinux.org.uk with local (Exim 4.92) (envelope-from ) id 1jjMq1-0005CT-Po; Thu, 11 Jun 2020 14:01:45 +0100 Date: Thu, 11 Jun 2020 14:01:45 +0100 From: Russell King - ARM Linux admin To: Marco Felsch Subject: Re: [PATCH 1/2] drm/imx: fix use after free Message-ID: <20200611130145.GX1551@shell.armlinux.org.uk> References: <20200611124332.20819-1-m.felsch@pengutronix.de> MIME-Version: 1.0 Content-Disposition: inline In-Reply-To: <20200611124332.20819-1-m.felsch@pengutronix.de> User-Agent: Mutt/1.10.1 (2018-07-13) X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20200611_060209_793963_62E450E3 X-CRM114-Status: GOOD ( 10.19 ) X-BeenThere: linux-arm-kernel@lists.infradead.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: p.zabel@pengutronix.de, airlied@linux.ie, stefan@agner.ch, dri-devel@lists.freedesktop.org, daniel@ffwll.ch, shawnguo@kernel.org, kernel@pengutronix.de, linux-arm-kernel@lists.infradead.org Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: "linux-arm-kernel" Errors-To: linux-arm-kernel-bounces+infradead-linux-arm-kernel=archiver.kernel.org@lists.infradead.org On Thu, Jun 11, 2020 at 02:43:31PM +0200, Marco Felsch wrote: > From: Philipp Zabel > > Component driver structures allocated with devm_kmalloc() in bind() are > freed automatically after unbind(). Since the contained drm structures > are accessed afterwards in drm_mode_config_cleanup(), move the > allocation into probe() to extend the driver structure's lifetime to the > lifetime of the device. This should eventually be changed to use drm > resource managed allocations with lifetime of the drm device. You need to be extremely careful doing this. If the allocation is in the probe function, it's lifetime is not just until unbind, but potentitally to the _next_ bind, unbind, bind, unbind. In other words, it's lifetime is from the point that the component is probed to the point that it is later removed. If the driver relies on initialisation of that structure, then that must be _very_ carefully handled - any state in that structure will remain. So, you need to think long and hard about changes like this, and do a thorough review of the lifetime of every structure member. -- RMK's Patch system: https://www.armlinux.org.uk/developer/patches/ FTTC for 0.8m (est. 1762m) line in suburbia: sync at 13.1Mbps down 503kbps up _______________________________________________ linux-arm-kernel mailing list linux-arm-kernel@lists.infradead.org http://lists.infradead.org/mailman/listinfo/linux-arm-kernel