From: Javier Carrasco <javier.carrasco.cruz@gmail.com>
To: Dan Carpenter <dan.carpenter@linaro.org>
Cc: Florian Fainelli <florian.fainelli@broadcom.com>,
Broadcom internal kernel review list
<bcm-kernel-feedback-list@broadcom.com>,
Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
Stefan Wahren <wahrenst@gmx.net>,
Umang Jain <umang.jain@ideasonboard.com>,
Laurent Pinchart <laurent.pinchart@ideasonboard.com>,
linux-rpi-kernel@lists.infradead.org,
linux-arm-kernel@lists.infradead.org,
linux-staging@lists.linux.dev, linux-kernel@vger.kernel.org,
stable@vger.kernel.org
Subject: Re: [PATCH] staging: vchiq_arm: Fix missing refcount decrement in error path for fw_node
Date: Mon, 14 Oct 2024 09:59:49 +0200 [thread overview]
Message-ID: <47c7694c-25e1-4fe1-ae3c-855178d3d065@gmail.com> (raw)
In-Reply-To: <a4283afc-f869-4048-90b4-1775acb9adda@stanley.mountain>
On 14/10/2024 09:22, Dan Carpenter wrote:
> On Sun, Oct 13, 2024 at 12:42:32PM +0200, Javier Carrasco wrote:
>> An error path was introduced without including the required call to
>> of_node_put() to decrement the node's refcount and avoid leaking memory.
>> If the call to kzalloc() for 'mgmt' fails, the probe returns without
>> decrementing the refcount.
>>
>> Use the automatic cleanup facility to fix the bug and protect the code
>> against new error paths where the call to of_node_put() might be missing
>> again.
>>
>> Cc: stable@vger.kernel.org
>> Fixes: 1c9e16b73166 ("staging: vc04_services: vchiq_arm: Split driver static and runtime data")
>> Signed-off-by: Javier Carrasco <javier.carrasco.cruz@gmail.com>
>> ---
>> drivers/staging/vc04_services/interface/vchiq_arm/vchiq_arm.c | 6 ++----
>> 1 file changed, 2 insertions(+), 4 deletions(-)
>>
>> diff --git a/drivers/staging/vc04_services/interface/vchiq_arm/vchiq_arm.c b/drivers/staging/vc04_services/interface/vchiq_arm/vchiq_arm.c
>> index 27ceaac8f6cc..792cf3a807e1 100644
>> --- a/drivers/staging/vc04_services/interface/vchiq_arm/vchiq_arm.c
>> +++ b/drivers/staging/vc04_services/interface/vchiq_arm/vchiq_arm.c
>> @@ -1332,7 +1332,8 @@ MODULE_DEVICE_TABLE(of, vchiq_of_match);
>>
>> static int vchiq_probe(struct platform_device *pdev)
>> {
>> - struct device_node *fw_node;
>> + struct device_node *fw_node __free(device_node) =
>> + of_find_compatible_node(NULL, NULL, "raspberrypi,bcm2835-firmware");
>> const struct vchiq_platform_info *info;
>> struct vchiq_drv_mgmt *mgmt;
>> int ret;
>> @@ -1341,8 +1342,6 @@ static int vchiq_probe(struct platform_device *pdev)
>> if (!info)
>> return -EINVAL;
>>
>> - fw_node = of_find_compatible_node(NULL, NULL,
>> - "raspberrypi,bcm2835-firmware");
>
> Perhaps it's better to declare the variable here so that the function and the
> error handling are next to each other.
>
> if (!info)
> return -EINVAL;
>
> struct device_node *fw_node __free(device_node) =
> of_find_compatible_node(NULL, NULL, "raspberrypi,bcm2835-firmware");
> if (!fw_node) {
>
> ...
>
> This is why we lifted the rule that variables had to be declared at the start
> of a function.
>
> regards,
> dan carpenter
>
This approach is great as long as the maintainer accepts mid-scope
variable declaration and the goto instructions get refactored, as stated
in cleanup.h.
The first point is not being that problematic so far, but the second one
is trickier, and we all have to take special care to avoid such issues,
even if they don't look dangerous in the current code, because adding a
goto where there cleanup attribute is already used can be overlooked as
well.
Actually there are goto instructions in the function, but at least in
their current form they are as harmless as useless. I will refactor them
anyway in another patch to stick to the recommendations, and declare the
device_node right before its first usage for v2.
Thanks and best regards,
Javier Carrasco
next prev parent reply other threads:[~2024-10-14 7:59 UTC|newest]
Thread overview: 13+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-10-13 10:42 [PATCH] staging: vchiq_arm: Fix missing refcount decrement in error path for fw_node Javier Carrasco
2024-10-13 11:36 ` Umang Jain
2024-10-13 12:55 ` Javier Carrasco
2024-10-14 6:50 ` Krzysztof Kozlowski
2024-10-14 7:22 ` Dan Carpenter
2024-10-14 7:59 ` Javier Carrasco [this message]
2024-10-14 8:12 ` Dan Carpenter
2024-10-14 8:15 ` Javier Carrasco
2024-10-14 8:33 ` Greg Kroah-Hartman
2024-10-14 8:39 ` Dan Carpenter
2024-10-14 8:49 ` Javier Carrasco
2024-10-14 9:06 ` Dan Carpenter
2024-10-14 8:51 ` Krzysztof Kozlowski
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=47c7694c-25e1-4fe1-ae3c-855178d3d065@gmail.com \
--to=javier.carrasco.cruz@gmail.com \
--cc=bcm-kernel-feedback-list@broadcom.com \
--cc=dan.carpenter@linaro.org \
--cc=florian.fainelli@broadcom.com \
--cc=gregkh@linuxfoundation.org \
--cc=laurent.pinchart@ideasonboard.com \
--cc=linux-arm-kernel@lists.infradead.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-rpi-kernel@lists.infradead.org \
--cc=linux-staging@lists.linux.dev \
--cc=stable@vger.kernel.org \
--cc=umang.jain@ideasonboard.com \
--cc=wahrenst@gmx.net \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox