In of_pci_get_host_bridge_resources, we alloced some struct resource
variables, and they would cause memory leak since no where to free them.
Changes in v2:
Don't change the resource_list_create_entry's behavior.
Jeffy Chen (2):
PCI: return resource_entry in pci_add_resource helpers
of/pci: Fix memory leak in of_pci_get_host_bridge_resources
drivers/of/of_pci.c | 57 +++++++++++++++++++++++------------------------------
drivers/pci/bus.c | 13 +++++++-----
include/linux/pci.h | 8 +++++---
3 files changed, 38 insertions(+), 40 deletions(-)
--
2.1.4
Signed-off-by: Jeffy Chen <[email protected]>
---
Changes in v2: None
drivers/pci/bus.c | 13 ++++++++-----
include/linux/pci.h | 8 +++++---
2 files changed, 13 insertions(+), 8 deletions(-)
diff --git a/drivers/pci/bus.c b/drivers/pci/bus.c
index bc56cf1..36a1861 100644
--- a/drivers/pci/bus.c
+++ b/drivers/pci/bus.c
@@ -17,25 +17,28 @@
#include "pci.h"
-void pci_add_resource_offset(struct list_head *resources, struct resource *res,
- resource_size_t offset)
+struct resource_entry *pci_add_resource_offset(struct list_head *resources,
+ struct resource *res,
+ resource_size_t offset)
{
struct resource_entry *entry;
entry = resource_list_create_entry(res, 0);
if (!entry) {
printk(KERN_ERR "PCI: can't add host bridge window %pR\n", res);
- return;
+ return NULL;
}
entry->offset = offset;
resource_list_add_tail(entry, resources);
+ return entry;
}
EXPORT_SYMBOL(pci_add_resource_offset);
-void pci_add_resource(struct list_head *resources, struct resource *res)
+struct resource_entry *pci_add_resource(struct list_head *resources,
+ struct resource *res)
{
- pci_add_resource_offset(resources, res, 0);
+ return pci_add_resource_offset(resources, res, 0);
}
EXPORT_SYMBOL(pci_add_resource);
diff --git a/include/linux/pci.h b/include/linux/pci.h
index eb3da1a..ab16abe 100644
--- a/include/linux/pci.h
+++ b/include/linux/pci.h
@@ -1167,9 +1167,11 @@ void pci_release_selected_regions(struct pci_dev *, int);
/* drivers/pci/bus.c */
struct pci_bus *pci_bus_get(struct pci_bus *bus);
void pci_bus_put(struct pci_bus *bus);
-void pci_add_resource(struct list_head *resources, struct resource *res);
-void pci_add_resource_offset(struct list_head *resources, struct resource *res,
- resource_size_t offset);
+struct resource_entry *pci_add_resource(struct list_head *resources,
+ struct resource *res);
+struct resource_entry *pci_add_resource_offset(struct list_head *resources,
+ struct resource *res,
+ resource_size_t offset);
void pci_free_resource_list(struct list_head *resources);
void pci_bus_add_resource(struct pci_bus *bus, struct resource *res,
unsigned int flags);
--
2.1.4
Currently we only free the allocated resource struct when error.
This would cause memory leak after pci_free_resource_list.
Signed-off-by: Jeffy Chen <[email protected]>
---
Changes in v2:
Don't change the resource_list_create_entry's behavior.
drivers/of/of_pci.c | 57 +++++++++++++++++++++++------------------------------
1 file changed, 25 insertions(+), 32 deletions(-)
diff --git a/drivers/of/of_pci.c b/drivers/of/of_pci.c
index 0ee42c3..a0ec246 100644
--- a/drivers/of/of_pci.c
+++ b/drivers/of/of_pci.c
@@ -190,8 +190,7 @@ int of_pci_get_host_bridge_resources(struct device_node *dev,
struct list_head *resources, resource_size_t *io_base)
{
struct resource_entry *window;
- struct resource *res;
- struct resource *bus_range;
+ struct resource res;
struct of_pci_range range;
struct of_pci_range_parser parser;
char range_type[4];
@@ -200,24 +199,24 @@ int of_pci_get_host_bridge_resources(struct device_node *dev,
if (io_base)
*io_base = (resource_size_t)OF_BAD_ADDR;
- bus_range = kzalloc(sizeof(*bus_range), GFP_KERNEL);
- if (!bus_range)
- return -ENOMEM;
-
pr_info("host bridge %s ranges:\n", dev->full_name);
- err = of_pci_parse_bus_range(dev, bus_range);
+ err = of_pci_parse_bus_range(dev, &res);
if (err) {
- bus_range->start = busno;
- bus_range->end = bus_max;
- bus_range->flags = IORESOURCE_BUS;
- pr_info(" No bus range found for %s, using %pR\n",
- dev->full_name, bus_range);
+ res.start = busno;
+ res.end = bus_max;
+ res.flags = IORESOURCE_BUS;
+ pr_info(" No bus range found for %s\n", dev->full_name);
} else {
- if (bus_range->end > bus_range->start + bus_max)
- bus_range->end = bus_range->start + bus_max;
+ if (res.end > res.start + bus_max)
+ res.end = res.start + bus_max;
+ }
+ window = pci_add_resource(resources, NULL);
+ if (!window) {
+ err = -ENOMEM;
+ goto parse_failed;
}
- pci_add_resource(resources, bus_range);
+ *window->res = res;
/* Check for ranges property */
err = of_pci_range_parser_init(&parser, dev);
@@ -244,24 +243,16 @@ int of_pci_get_host_bridge_resources(struct device_node *dev,
if (range.cpu_addr == OF_BAD_ADDR || range.size == 0)
continue;
- res = kzalloc(sizeof(struct resource), GFP_KERNEL);
- if (!res) {
- err = -ENOMEM;
- goto parse_failed;
- }
-
- err = of_pci_range_to_resource(&range, dev, res);
- if (err) {
- kfree(res);
+ err = of_pci_range_to_resource(&range, dev, &res);
+ if (err)
continue;
- }
- if (resource_type(res) == IORESOURCE_IO) {
+ if (resource_type(&res) == IORESOURCE_IO) {
if (!io_base) {
pr_err("I/O range found for %s. Please provide an io_base pointer to save CPU base address\n",
dev->full_name);
err = -EINVAL;
- goto conversion_failed;
+ goto parse_failed;
}
if (*io_base != (resource_size_t)OF_BAD_ADDR)
pr_warn("More than one I/O resource converted for %s. CPU base address for old range lost!\n",
@@ -269,16 +260,18 @@ int of_pci_get_host_bridge_resources(struct device_node *dev,
*io_base = range.cpu_addr;
}
- pci_add_resource_offset(resources, res, res->start - range.pci_addr);
+ window = pci_add_resource(resources, NULL);
+ if (!window) {
+ err = -ENOMEM;
+ goto parse_failed;
+ }
+ *window->res = res;
+ window->offset = res.start - range.pci_addr;
}
return 0;
-conversion_failed:
- kfree(res);
parse_failed:
- resource_list_for_each_entry(window, resources)
- kfree(window->res);
pci_free_resource_list(resources);
return err;
}
--
2.1.4
Hi Jeffy,
On 2017/3/23 16:12, Jeffy Chen wrote:
> In of_pci_get_host_bridge_resources, we alloced some struct resource
> variables, and they would cause memory leak since no where to free them.
>
Tested-by: Shawn Lin <[email protected]>
> Changes in v2:
> Don't change the resource_list_create_entry's behavior.
>
> Jeffy Chen (2):
> PCI: return resource_entry in pci_add_resource helpers
> of/pci: Fix memory leak in of_pci_get_host_bridge_resources
>
> drivers/of/of_pci.c | 57 +++++++++++++++++++++++------------------------------
> drivers/pci/bus.c | 13 +++++++-----
> include/linux/pci.h | 8 +++++---
> 3 files changed, 38 insertions(+), 40 deletions(-)
>
On Thu, Mar 23, 2017 at 3:12 AM, Jeffy Chen <[email protected]> wrote:
> Currently we only free the allocated resource struct when error.
> This would cause memory leak after pci_free_resource_list.
>
> Signed-off-by: Jeffy Chen <[email protected]>
> ---
>
> Changes in v2:
> Don't change the resource_list_create_entry's behavior.
>
> drivers/of/of_pci.c | 57 +++++++++++++++++++++++------------------------------
> 1 file changed, 25 insertions(+), 32 deletions(-)
>
> diff --git a/drivers/of/of_pci.c b/drivers/of/of_pci.c
> index 0ee42c3..a0ec246 100644
> --- a/drivers/of/of_pci.c
> +++ b/drivers/of/of_pci.c
> @@ -190,8 +190,7 @@ int of_pci_get_host_bridge_resources(struct device_node *dev,
> struct list_head *resources, resource_size_t *io_base)
> {
> struct resource_entry *window;
> - struct resource *res;
> - struct resource *bus_range;
> + struct resource res;
> struct of_pci_range range;
> struct of_pci_range_parser parser;
> char range_type[4];
> @@ -200,24 +199,24 @@ int of_pci_get_host_bridge_resources(struct device_node *dev,
> if (io_base)
> *io_base = (resource_size_t)OF_BAD_ADDR;
>
> - bus_range = kzalloc(sizeof(*bus_range), GFP_KERNEL);
> - if (!bus_range)
> - return -ENOMEM;
> -
> pr_info("host bridge %s ranges:\n", dev->full_name);
>
> - err = of_pci_parse_bus_range(dev, bus_range);
> + err = of_pci_parse_bus_range(dev, &res);
> if (err) {
> - bus_range->start = busno;
> - bus_range->end = bus_max;
> - bus_range->flags = IORESOURCE_BUS;
> - pr_info(" No bus range found for %s, using %pR\n",
> - dev->full_name, bus_range);
> + res.start = busno;
> + res.end = bus_max;
> + res.flags = IORESOURCE_BUS;
> + pr_info(" No bus range found for %s\n", dev->full_name);
> } else {
> - if (bus_range->end > bus_range->start + bus_max)
> - bus_range->end = bus_range->start + bus_max;
> + if (res.end > res.start + bus_max)
> + res.end = res.start + bus_max;
> + }
> + window = pci_add_resource(resources, NULL);
> + if (!window) {
> + err = -ENOMEM;
> + goto parse_failed;
> }
> - pci_add_resource(resources, bus_range);
> + *window->res = res;
Well, now this seems racy. You add a blank resource to the list first
and then fill it in.
Rob
On Thu, Mar 23, 2017 at 3:07 PM, Rob Herring <[email protected]> wrote:
> On Thu, Mar 23, 2017 at 3:12 AM, Jeffy Chen <[email protected]> wrote:
>> Currently we only free the allocated resource struct when error.
>> This would cause memory leak after pci_free_resource_list.
>>
>> Signed-off-by: Jeffy Chen <[email protected]>
>> ---
>>
>> Changes in v2:
>> Don't change the resource_list_create_entry's behavior.
>>
>> drivers/of/of_pci.c | 57 +++++++++++++++++++++++------------------------------
>> 1 file changed, 25 insertions(+), 32 deletions(-)
>>
>> diff --git a/drivers/of/of_pci.c b/drivers/of/of_pci.c
>> index 0ee42c3..a0ec246 100644
>> --- a/drivers/of/of_pci.c
>> +++ b/drivers/of/of_pci.c
>> @@ -190,8 +190,7 @@ int of_pci_get_host_bridge_resources(struct device_node *dev,
>> struct list_head *resources, resource_size_t *io_base)
>> {
>> struct resource_entry *window;
>> - struct resource *res;
>> - struct resource *bus_range;
>> + struct resource res;
>> struct of_pci_range range;
>> struct of_pci_range_parser parser;
>> char range_type[4];
>> @@ -200,24 +199,24 @@ int of_pci_get_host_bridge_resources(struct device_node *dev,
>> if (io_base)
>> *io_base = (resource_size_t)OF_BAD_ADDR;
>>
>> - bus_range = kzalloc(sizeof(*bus_range), GFP_KERNEL);
>> - if (!bus_range)
>> - return -ENOMEM;
>> -
>> pr_info("host bridge %s ranges:\n", dev->full_name);
>>
>> - err = of_pci_parse_bus_range(dev, bus_range);
>> + err = of_pci_parse_bus_range(dev, &res);
>> if (err) {
>> - bus_range->start = busno;
>> - bus_range->end = bus_max;
>> - bus_range->flags = IORESOURCE_BUS;
>> - pr_info(" No bus range found for %s, using %pR\n",
>> - dev->full_name, bus_range);
>> + res.start = busno;
>> + res.end = bus_max;
>> + res.flags = IORESOURCE_BUS;
>> + pr_info(" No bus range found for %s\n", dev->full_name);
>> } else {
>> - if (bus_range->end > bus_range->start + bus_max)
>> - bus_range->end = bus_range->start + bus_max;
>> + if (res.end > res.start + bus_max)
>> + res.end = res.start + bus_max;
>> + }
>> + window = pci_add_resource(resources, NULL);
>> + if (!window) {
>> + err = -ENOMEM;
>> + goto parse_failed;
>> }
>> - pci_add_resource(resources, bus_range);
>> + *window->res = res;
>
> Well, now this seems racy. You add a blank resource to the list first
> and then fill it in.
>
Huh? There is absolutely no guarantees for concurrent access here.
pcI_add_resource_offset() first adds a resource and then modifies
offset. Here we add an empty resource and then fill it in.
Thanks.
--
Dmitry
Hi Rob & Dmitry,
On 03/24/2017 06:58 AM, Dmitry Torokhov wrote:
> On Thu, Mar 23, 2017 at 3:07 PM, Rob Herring <[email protected]> wrote:
>> On Thu, Mar 23, 2017 at 3:12 AM, Jeffy Chen <[email protected]> wrote:
>>> Currently we only free the allocated resource struct when error.
>>> This would cause memory leak after pci_free_resource_list.
>>>
>>> Signed-off-by: Jeffy Chen <[email protected]>
>>> ---
>>>
>>> Changes in v2:
>>> Don't change the resource_list_create_entry's behavior.
>>>
>>> drivers/of/of_pci.c | 57 +++++++++++++++++++++++------------------------------
>>> 1 file changed, 25 insertions(+), 32 deletions(-)
>>>
>>> diff --git a/drivers/of/of_pci.c b/drivers/of/of_pci.c
>>> index 0ee42c3..a0ec246 100644
>>> --- a/drivers/of/of_pci.c
>>> +++ b/drivers/of/of_pci.c
>>> @@ -190,8 +190,7 @@ int of_pci_get_host_bridge_resources(struct device_node *dev,
>>> struct list_head *resources, resource_size_t *io_base)
>>> {
>>> struct resource_entry *window;
>>> - struct resource *res;
>>> - struct resource *bus_range;
>>> + struct resource res;
>>> struct of_pci_range range;
>>> struct of_pci_range_parser parser;
>>> char range_type[4];
>>> @@ -200,24 +199,24 @@ int of_pci_get_host_bridge_resources(struct device_node *dev,
>>> if (io_base)
>>> *io_base = (resource_size_t)OF_BAD_ADDR;
>>>
>>> - bus_range = kzalloc(sizeof(*bus_range), GFP_KERNEL);
>>> - if (!bus_range)
>>> - return -ENOMEM;
>>> -
>>> pr_info("host bridge %s ranges:\n", dev->full_name);
>>>
>>> - err = of_pci_parse_bus_range(dev, bus_range);
>>> + err = of_pci_parse_bus_range(dev, &res);
>>> if (err) {
>>> - bus_range->start = busno;
>>> - bus_range->end = bus_max;
>>> - bus_range->flags = IORESOURCE_BUS;
>>> - pr_info(" No bus range found for %s, using %pR\n",
>>> - dev->full_name, bus_range);
>>> + res.start = busno;
>>> + res.end = bus_max;
>>> + res.flags = IORESOURCE_BUS;
>>> + pr_info(" No bus range found for %s\n", dev->full_name);
>>> } else {
>>> - if (bus_range->end > bus_range->start + bus_max)
>>> - bus_range->end = bus_range->start + bus_max;
>>> + if (res.end > res.start + bus_max)
>>> + res.end = res.start + bus_max;
>>> + }
>>> + window = pci_add_resource(resources, NULL);
>>> + if (!window) {
>>> + err = -ENOMEM;
>>> + goto parse_failed;
>>> }
>>> - pci_add_resource(resources, bus_range);
>>> + *window->res = res;
>>
>> Well, now this seems racy. You add a blank resource to the list first
>> and then fill it in.
>>
>
> Huh? There is absolutely no guarantees for concurrent access here.
> pcI_add_resource_offset() first adds a resource and then modifies
> offset. Here we add an empty resource and then fill it in.
currently, we are using of_pci_get_host_bridge_resources in this pattern:
create resource list:
LIST_HEAD(res);
...
add resources into the list:
err = of_pci_get_host_bridge_resources(dev->of_node, 0, 0xff,
&res, &io_base);
...
walk over the list:
/* Get the I/O and memory ranges from DT */
resource_list_for_each_entry(win, &res) {
so only of_pci_get_host_bridge_resources is accessing this list at that
time.
and an empty resource is harmless i think(with zero size and flags) ;)
maybe i should add some comments in the patch
>
> Thanks.
>
On Thu, Mar 23, 2017 at 5:58 PM, Dmitry Torokhov <[email protected]> wrote:
> On Thu, Mar 23, 2017 at 3:07 PM, Rob Herring <[email protected]> wrote:
>> On Thu, Mar 23, 2017 at 3:12 AM, Jeffy Chen <[email protected]> wrote:
>>> Currently we only free the allocated resource struct when error.
>>> This would cause memory leak after pci_free_resource_list.
>>>
>>> Signed-off-by: Jeffy Chen <[email protected]>
>>> ---
>>>
>>> Changes in v2:
>>> Don't change the resource_list_create_entry's behavior.
>>>
>>> drivers/of/of_pci.c | 57 +++++++++++++++++++++++------------------------------
>>> 1 file changed, 25 insertions(+), 32 deletions(-)
>>>
>>> diff --git a/drivers/of/of_pci.c b/drivers/of/of_pci.c
>>> index 0ee42c3..a0ec246 100644
>>> --- a/drivers/of/of_pci.c
>>> +++ b/drivers/of/of_pci.c
>>> @@ -190,8 +190,7 @@ int of_pci_get_host_bridge_resources(struct device_node *dev,
>>> struct list_head *resources, resource_size_t *io_base)
>>> {
>>> struct resource_entry *window;
>>> - struct resource *res;
>>> - struct resource *bus_range;
>>> + struct resource res;
>>> struct of_pci_range range;
>>> struct of_pci_range_parser parser;
>>> char range_type[4];
>>> @@ -200,24 +199,24 @@ int of_pci_get_host_bridge_resources(struct device_node *dev,
>>> if (io_base)
>>> *io_base = (resource_size_t)OF_BAD_ADDR;
>>>
>>> - bus_range = kzalloc(sizeof(*bus_range), GFP_KERNEL);
>>> - if (!bus_range)
>>> - return -ENOMEM;
>>> -
>>> pr_info("host bridge %s ranges:\n", dev->full_name);
>>>
>>> - err = of_pci_parse_bus_range(dev, bus_range);
>>> + err = of_pci_parse_bus_range(dev, &res);
>>> if (err) {
>>> - bus_range->start = busno;
>>> - bus_range->end = bus_max;
>>> - bus_range->flags = IORESOURCE_BUS;
>>> - pr_info(" No bus range found for %s, using %pR\n",
>>> - dev->full_name, bus_range);
>>> + res.start = busno;
>>> + res.end = bus_max;
>>> + res.flags = IORESOURCE_BUS;
>>> + pr_info(" No bus range found for %s\n", dev->full_name);
>>> } else {
>>> - if (bus_range->end > bus_range->start + bus_max)
>>> - bus_range->end = bus_range->start + bus_max;
>>> + if (res.end > res.start + bus_max)
>>> + res.end = res.start + bus_max;
>>> + }
>>> + window = pci_add_resource(resources, NULL);
>>> + if (!window) {
>>> + err = -ENOMEM;
>>> + goto parse_failed;
>>> }
>>> - pci_add_resource(resources, bus_range);
>>> + *window->res = res;
>>
>> Well, now this seems racy. You add a blank resource to the list first
>> and then fill it in.
>>
>
> Huh? There is absolutely no guarantees for concurrent access here.
> pcI_add_resource_offset() first adds a resource and then modifies
> offset. Here we add an empty resource and then fill it in.
I don't really like this pattern either. Even if there's no actual
racy behavior, it takes more analysis than necessary to figure that
out.
pci_add_resource_offset() allocates a resource list entry, sets the
offset, then adds it to the list. It doesn't update a resource entry
that might be visible to anybody else. Here we do update a resource
that is already visible to others because it's already on the list.
Bjorn
BTW, please CC linux-pci on the entire series so it's easier to
review. I don't know where you envision having this applied, but I
only apply things to the PCI tree after they appear on linux-pci.
Hi Bjorn,
On 04/05/2017 03:18 AM, Bjorn Helgaas wrote:
> On Thu, Mar 23, 2017 at 5:58 PM, Dmitry Torokhov <[email protected]> wrote:
>> On Thu, Mar 23, 2017 at 3:07 PM, Rob Herring <[email protected]> wrote:
>>> On Thu, Mar 23, 2017 at 3:12 AM, Jeffy Chen <[email protected]> wrote:
>>>> Currently we only free the allocated resource struct when error.
>>>> This would cause memory leak after pci_free_resource_list.
>>>>
>>>> Signed-off-by: Jeffy Chen <[email protected]>
>>>> ---
>>>>
>>>> Changes in v2:
>>>> Don't change the resource_list_create_entry's behavior.
>>>>
>>>> drivers/of/of_pci.c | 57 +++++++++++++++++++++++------------------------------
>>>> 1 file changed, 25 insertions(+), 32 deletions(-)
>>>>
>>>> diff --git a/drivers/of/of_pci.c b/drivers/of/of_pci.c
>>>> index 0ee42c3..a0ec246 100644
>>>> --- a/drivers/of/of_pci.c
>>>> +++ b/drivers/of/of_pci.c
>>>> @@ -190,8 +190,7 @@ int of_pci_get_host_bridge_resources(struct device_node *dev,
>>>> struct list_head *resources, resource_size_t *io_base)
>>>> {
>>>> struct resource_entry *window;
>>>> - struct resource *res;
>>>> - struct resource *bus_range;
>>>> + struct resource res;
>>>> struct of_pci_range range;
>>>> struct of_pci_range_parser parser;
>>>> char range_type[4];
>>>> @@ -200,24 +199,24 @@ int of_pci_get_host_bridge_resources(struct device_node *dev,
>>>> if (io_base)
>>>> *io_base = (resource_size_t)OF_BAD_ADDR;
>>>>
>>>> - bus_range = kzalloc(sizeof(*bus_range), GFP_KERNEL);
>>>> - if (!bus_range)
>>>> - return -ENOMEM;
>>>> -
>>>> pr_info("host bridge %s ranges:\n", dev->full_name);
>>>>
>>>> - err = of_pci_parse_bus_range(dev, bus_range);
>>>> + err = of_pci_parse_bus_range(dev, &res);
>>>> if (err) {
>>>> - bus_range->start = busno;
>>>> - bus_range->end = bus_max;
>>>> - bus_range->flags = IORESOURCE_BUS;
>>>> - pr_info(" No bus range found for %s, using %pR\n",
>>>> - dev->full_name, bus_range);
>>>> + res.start = busno;
>>>> + res.end = bus_max;
>>>> + res.flags = IORESOURCE_BUS;
>>>> + pr_info(" No bus range found for %s\n", dev->full_name);
>>>> } else {
>>>> - if (bus_range->end > bus_range->start + bus_max)
>>>> - bus_range->end = bus_range->start + bus_max;
>>>> + if (res.end > res.start + bus_max)
>>>> + res.end = res.start + bus_max;
>>>> + }
>>>> + window = pci_add_resource(resources, NULL);
>>>> + if (!window) {
>>>> + err = -ENOMEM;
>>>> + goto parse_failed;
>>>> }
>>>> - pci_add_resource(resources, bus_range);
>>>> + *window->res = res;
>>>
>>> Well, now this seems racy. You add a blank resource to the list first
>>> and then fill it in.
>>>
>>
>> Huh? There is absolutely no guarantees for concurrent access here.
>> pcI_add_resource_offset() first adds a resource and then modifies
>> offset. Here we add an empty resource and then fill it in.
>
> I don't really like this pattern either. Even if there's no actual
> racy behavior, it takes more analysis than necessary to figure that
> out.
>
> pci_add_resource_offset() allocates a resource list entry, sets the
> offset, then adds it to the list. It doesn't update a resource entry
> that might be visible to anybody else. Here we do update a resource
> that is already visible to others because it's already on the list.
i was following ./drivers/pnp/resource.c, but i'm agree this is not a
good way.
i'll upload a new version to fix this in another way. more ideas:
1/ pass a struct device to of_pci_get_host_bridge_resources and use
devm_kzalloc
2/ add a new type of flags(or reuse IORESOURCE_AUTO) to tell
pci_free_resource_list to kfree them)
3/ add new helpers of of_pci_add_resource[_offset] to alloc empty res,
fill it, add to list.
>
> Bjorn
>
> BTW, please CC linux-pci on the entire series so it's easier to
> review. I don't know where you envision having this applied, but I
> only apply things to the PCI tree after they appear on linux-pci.
>
oh, sorry, didn't notice that, will do in next version.
>
>
On Tue, Apr 4, 2017 at 9:22 PM, jeffy <[email protected]> wrote:
> Hi Bjorn,
>
>
> On 04/05/2017 03:18 AM, Bjorn Helgaas wrote:
>>
>> On Thu, Mar 23, 2017 at 5:58 PM, Dmitry Torokhov <[email protected]>
>> wrote:
>>>
>>> On Thu, Mar 23, 2017 at 3:07 PM, Rob Herring <[email protected]> wrote:
>>>>
>>>> On Thu, Mar 23, 2017 at 3:12 AM, Jeffy Chen <[email protected]>
>>>> wrote:
>>>>>
>>>>> Currently we only free the allocated resource struct when error.
>>>>> This would cause memory leak after pci_free_resource_list.
>>>>> - pci_add_resource(resources, bus_range);
>>>>> + *window->res = res;
>>>>
>>>>
>>>> Well, now this seems racy. You add a blank resource to the list first
>>>> and then fill it in.
>>>>
>>>
>>> Huh? There is absolutely no guarantees for concurrent access here.
>>> pcI_add_resource_offset() first adds a resource and then modifies
>>> offset. Here we add an empty resource and then fill it in.
>>
>>
>> I don't really like this pattern either. Even if there's no actual
>> racy behavior, it takes more analysis than necessary to figure that
>> out.
>>
>> pci_add_resource_offset() allocates a resource list entry, sets the
>> offset, then adds it to the list. It doesn't update a resource entry
>> that might be visible to anybody else. Here we do update a resource
>> that is already visible to others because it's already on the list.
>
> i was following ./drivers/pnp/resource.c, but i'm agree this is not a good
> way.
>
> i'll upload a new version to fix this in another way. more ideas:
> 1/ pass a struct device to of_pci_get_host_bridge_resources and use
> devm_kzalloc
I would pick this one of the 3 options or...
> 2/ add a new type of flags(or reuse IORESOURCE_AUTO) to tell
> pci_free_resource_list to kfree them)
> 3/ add new helpers of of_pci_add_resource[_offset] to alloc empty res, fill
> it, add to list.
2 other options:
Add a function to undo everything that
of_pci_get_host_bridge_resources does. Then every caller of
of_pci_get_host_bridge_resources should have a call to that function.
Or maybe you can add a pci_free_resource_list_and_resources (needs a
better name) to free both resources and list. Then audit all the
current callers of pci_free_resource_list and determine which one's
can be changed (maybe it is all of them).
Rob