From: Rolf Evers-Fischer <embedded24@evers-fischer.de>
To: kishon@ti.com
Cc: lorenzo.pieralisi@arm.com, bhelgaas@google.com,
linux-pci@vger.kernel.org, linux-kernel@vger.kernel.org,
andy.shevchenko@gmail.com,
Rolf Evers-Fischer <embedded24@evers-fischer.de>
Subject: [PATCH v4 0/3] pci: endpoint: Fix double free in pci_epf_create()
Date: Wed, 28 Feb 2018 14:07:16 +0100 [thread overview]
Message-ID: <20180228130719.31218-1-embedded24@evers-fischer.de> (raw)
This is version 4 of a patchset to avoid double free in function
'pci_epf_create()'.
When I accidentally created a new endpoint device with an empty name,
the kernel warned about "attempted to be registered with empty name!"
and crashed afterwards.
It turned out that the crash was not caused by the 'device_add()'
function itself, but by a double kfree of 'epf->name' and 'epf'.
The first patch just simplifies the code, while the second patch
fixes the problem. The third patch removes the goto labels.
Thank you Andy and Kishon for your Ack/Review on v3 for patches 1 and 2.
In v4 of these patches only the first lines of the commit messages
have been changed.
Changes in v4:
- s/pci/PCI and s/epf/EPF in the first line of
recent commit messages (thanks, Bjorn!)
- The new patch #3 removes the goto labels
in function 'pci_epf_create()' (thanks, Lorenzo!)
Changes in v3:
- Matched to other pending pci endpoint commits (thanks, Bjorn!)
- Added "Fixes" tag in patch 2 (thanks, Andy!)
Changes in v2:
- Based on feedback from Lorenzo, Andy and Kishon (thanks!)
- Change IDs removed
- First patch completely reworked in order to eliminate the
need for the second 'kstrdup' allocation and the 'kfree' of
the first allocation.
It was tested with name="pci_epf_test.0" and name="pci_epb":
The 'epf->name' was "pci_epf_test" or "pci_epb" (=unchanged).
Rolf Evers-Fischer (3):
PCI: endpoint: Simplify name allocation for EPF device
PCI: endpoint: Fix kernel panic after put_device()
PCI: endpoint: pci_epf_create: remove goto labels
drivers/pci/endpoint/pci-epf-core.c | 50 +++++++++----------------------------
1 file changed, 12 insertions(+), 38 deletions(-)
--
2.16.2
next reply other threads:[~2018-02-28 13:07 UTC|newest]
Thread overview: 7+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-02-28 13:07 Rolf Evers-Fischer [this message]
2018-02-28 13:07 ` [PATCH v4 1/3] PCI: endpoint: Simplify name allocation for EPF device Rolf Evers-Fischer
2018-02-28 13:07 ` [PATCH v4 2/3] PCI: endpoint: Fix kernel panic after put_device() Rolf Evers-Fischer
2018-02-28 13:07 ` [PATCH v4 3/3] PCI: endpoint: pci_epf_create: remove goto labels Rolf Evers-Fischer
2018-02-28 13:27 ` Kishon Vijay Abraham I
2018-02-28 13:33 ` Lorenzo Pieralisi
2018-02-28 14:46 ` Rolf Evers-Fischer
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20180228130719.31218-1-embedded24@evers-fischer.de \
--to=embedded24@evers-fischer.de \
--cc=andy.shevchenko@gmail.com \
--cc=bhelgaas@google.com \
--cc=kishon@ti.com \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-pci@vger.kernel.org \
--cc=lorenzo.pieralisi@arm.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).