When the best clk is searched, we iterate over all possible clk.
If we find a better match, the previous one, if any, needs to be freed.
If a better match has already been found, we still need to free the new
one, otherwise it leaks.
Fixes: 5f5a7a5578c5 ("serial: samsung: switch to clkdev based clock lookup")
Signed-off-by: Christophe JAILLET <[email protected]>
---
This patch is speculative. Review with care.
I think that some clk_put() are also missing somewhere else in the driver
but won't be able to investigate further.
---
drivers/tty/serial/samsung_tty.c | 8 ++++++++
1 file changed, 8 insertions(+)
diff --git a/drivers/tty/serial/samsung_tty.c b/drivers/tty/serial/samsung_tty.c
index dd751e7010e3..c07877dd25fa 100644
--- a/drivers/tty/serial/samsung_tty.c
+++ b/drivers/tty/serial/samsung_tty.c
@@ -1488,10 +1488,18 @@ static unsigned int s3c24xx_serial_getclk(struct s3c24xx_uart_port *ourport,
calc_deviation = -calc_deviation;
if (calc_deviation < deviation) {
+ /*
+ * If we find a better clk, release the previous one, if
+ * any.
+ */
+ if (!IS_ERR(*best_clk))
+ clk_put(*best_clk);
*best_clk = clk;
best_quot = quot;
*clk_num = cnt;
deviation = calc_deviation;
+ } else {
+ clk_put(clk);
}
}
--
2.34.1
On 09/06/2023 06:45, Christophe JAILLET wrote:
> When the best clk is searched, we iterate over all possible clk.
>
> If we find a better match, the previous one, if any, needs to be freed.
> If a better match has already been found, we still need to free the new
> one, otherwise it leaks.
>
> Fixes: 5f5a7a5578c5 ("serial: samsung: switch to clkdev based clock lookup")
> Signed-off-by: Christophe JAILLET <[email protected]>
> ---
> This patch is speculative. Review with care.
>
Reviewed-by: Krzysztof Kozlowski <[email protected]>
Best regards,
Krzysztof
while we are here ....
perhaps INT_MAX from kernel.h ?
int deviation = (1 << 30) - 1;
the part before looks a bit strange
if (ourport->info->has_divslot) {
unsigned long div = rate / req_baud;
/* The UDIVSLOT register on the newer UARTs allows us to
* get a divisor adjustment of 1/16th on the baud clock.
*
* We don't keep the UDIVSLOT value (the 16ths we
* calculated by not multiplying the baud by 16) as it
* is easy enough to recalculate.
*/
quot = div / 16;
baud = rate / div;
because
baud=rate/rate/req_baud = req_baud
can this be simplyfied ? (or is the numeric required ?)
Homebrew abs() kernel.h has a abs() can we use it here ?
if (calc_deviation < 0)
calc_deviation = -calc_deviation;
to the patch:
+ /*
+ * If we find a better clk, release the previous one, if
+ * any.
+ */
+ if (!IS_ERR(*best_clk))
+ clk_put(*best_clk);
the intentions are good. *best_clk is user supplied (and should be NULL)
filled & released in the next round but IMHO must be valid (is clk).
so no need to check. (ntl clk_put seems to handle NULL and ERR )
if (!clk || WARN_ON_ONCE(IS_ERR(clk)))
return;
JM2C
wh
________________________________________
Von: Christophe JAILLET <[email protected]>
Gesendet: Freitag, 9. Juni 2023 06:45:39
An: Krzysztof Kozlowski; Alim Akhtar; Greg Kroah-Hartman; Jiri Slaby; Thomas Abraham; Kukjin Kim
Cc: [email protected]; [email protected]; Christophe JAILLET; [email protected]; [email protected]; [email protected]
Betreff: [PATCH 2/2] tty: serial: samsung_tty: Fix a memory leak in s3c24xx_serial_getclk() when iterating clk
When the best clk is searched, we iterate over all possible clk.
If we find a better match, the previous one, if any, needs to be freed.
If a better match has already been found, we still need to free the new
one, otherwise it leaks.
Fixes: 5f5a7a5578c5 ("serial: samsung: switch to clkdev based clock lookup")
Signed-off-by: Christophe JAILLET <[email protected]>
---
This patch is speculative. Review with care.
I think that some clk_put() are also missing somewhere else in the driver
but won't be able to investigate further.
---
drivers/tty/serial/samsung_tty.c | 8 ++++++++
1 file changed, 8 insertions(+)
diff --git a/drivers/tty/serial/samsung_tty.c b/drivers/tty/serial/samsung_tty.c
index dd751e7010e3..c07877dd25fa 100644
--- a/drivers/tty/serial/samsung_tty.c
+++ b/drivers/tty/serial/samsung_tty.c
@@ -1488,10 +1488,18 @@ static unsigned int s3c24xx_serial_getclk(struct s3c24xx_uart_port *ourport,
calc_deviation = -calc_deviation;
if (calc_deviation < deviation) {
+ /*
+ * If we find a better clk, release the previous one, if
+ * any.
+ */
+ if (!IS_ERR(*best_clk))
+ clk_put(*best_clk);
*best_clk = clk;
best_quot = quot;
*clk_num = cnt;
deviation = calc_deviation;
+ } else {
+ clk_put(clk);
}
}
--
2.34.1
Le 09/06/2023 à 10:57, Walter Harms a écrit :
>
> while we are here ....
>
> perhaps INT_MAX from kernel.h ?
from include/vdso/limits.h
> int deviation = (1 << 30) - 1;
I don't know the initial intent for this value, but it is not the same
as MAX_INT.
>
> the part before looks a bit strange
>
> if (ourport->info->has_divslot) {
> unsigned long div = rate / req_baud;
>
> /* The UDIVSLOT register on the newer UARTs allows us to
> * get a divisor adjustment of 1/16th on the baud clock.
> *
> * We don't keep the UDIVSLOT value (the 16ths we
> * calculated by not multiplying the baud by 16) as it
> * is easy enough to recalculate.
> */
>
> quot = div / 16;
> baud = rate / div;
> because
> baud=rate/rate/req_baud = req_baud
In math yes. In integer computation, no.
rate = 20000
req_baud = 9600
div = rate / req_baud ==> 2
baud = rate / div; ==> 20000 / 2 = 10000
9600 <> 10000
I don't know if it is the intent, but it is the way it works.
And knowing that:
calc_deviation = req_baud - baud;
I guess that it is the way it is expected to work.
With your reasoning, calc_deviation would be always 0.
> can this be simplyfied ? (or is the numeric required ?)
>
>
> Homebrew abs() kernel.h has a abs() can we use it here ?
include/linux/math.h
>
> if (calc_deviation < 0)
> calc_deviation = -calc_deviation;
Ok, why not.
>
> to the patch:
>
> + /*
> + * If we find a better clk, release the previous one, if
> + * any.
> + */
> + if (!IS_ERR(*best_clk))
> + clk_put(*best_clk);
>
> the intentions are good. *best_clk is user supplied (and should be NULL)
??? Why should it be NULL?
There is only one caller, and the value id &clk, knowing that:
struct clk *clk = ERR_PTR(-EINVAL);
The code could be changed to have an initial NULL value, but it would'nt
bring that much added value, in my PoV.
It would only save a test which is just fine as-is.
> filled & released in the next round but IMHO must be valid (is clk).
> so no need to check. (ntl clk_put seems to handle NULL and ERR )
> if (!clk || WARN_ON_ONCE(IS_ERR(clk)))
> return;
My point with "if (!IS_ERR(*best_clk))" is to handle the initial
iteration when *best_clk is ERR_PTR(-EINVAL).
clk_put() can handle it, but it would WARN in the normal path, so it
sounds strange to me.
CJ
>
> JM2C
> wh
> ________________________________________
> Von: Christophe JAILLET <[email protected]>
> Gesendet: Freitag, 9. Juni 2023 06:45:39
> An: Krzysztof Kozlowski; Alim Akhtar; Greg Kroah-Hartman; Jiri Slaby; Thomas Abraham; Kukjin Kim
> Cc: [email protected]; [email protected]; Christophe JAILLET; [email protected]; [email protected]; [email protected]
> Betreff: [PATCH 2/2] tty: serial: samsung_tty: Fix a memory leak in s3c24xx_serial_getclk() when iterating clk
>
> When the best clk is searched, we iterate over all possible clk.
>
> If we find a better match, the previous one, if any, needs to be freed.
> If a better match has already been found, we still need to free the new
> one, otherwise it leaks.
>
> Fixes: 5f5a7a5578c5 ("serial: samsung: switch to clkdev based clock lookup")
> Signed-off-by: Christophe JAILLET <[email protected]>
> ---
> This patch is speculative. Review with care.
>
> I think that some clk_put() are also missing somewhere else in the driver
> but won't be able to investigate further.
> ---
> drivers/tty/serial/samsung_tty.c | 8 ++++++++
> 1 file changed, 8 insertions(+)
>
> diff --git a/drivers/tty/serial/samsung_tty.c b/drivers/tty/serial/samsung_tty.c
> index dd751e7010e3..c07877dd25fa 100644
> --- a/drivers/tty/serial/samsung_tty.c
> +++ b/drivers/tty/serial/samsung_tty.c
> @@ -1488,10 +1488,18 @@ static unsigned int s3c24xx_serial_getclk(struct s3c24xx_uart_port *ourport,
> calc_deviation = -calc_deviation;
>
> if (calc_deviation < deviation) {
> + /*
> + * If we find a better clk, release the previous one, if
> + * any.
> + */
> + if (!IS_ERR(*best_clk))
> + clk_put(*best_clk);
> *best_clk = clk;
> best_quot = quot;
> *clk_num = cnt;
> deviation = calc_deviation;
> + } else {
> + clk_put(clk);
> }
> }
>
> --
> 2.34.1
>
>
On 10/06/2023 12:39, Andi Shyti wrote:
> Hi Christophe,
>
> On Fri, Jun 09, 2023 at 06:45:39AM +0200, Christophe JAILLET wrote:
>> When the best clk is searched, we iterate over all possible clk.
>>
>> If we find a better match, the previous one, if any, needs to be freed.
>> If a better match has already been found, we still need to free the new
>> one, otherwise it leaks.
>>
>> Fixes: 5f5a7a5578c5 ("serial: samsung: switch to clkdev based clock lookup")
>> Signed-off-by: Christophe JAILLET <[email protected]>
>> ---
>> This patch is speculative. Review with care.
>>
>> I think that some clk_put() are also missing somewhere else in the driver
>> but won't be able to investigate further.
>> ---
>> drivers/tty/serial/samsung_tty.c | 8 ++++++++
>> 1 file changed, 8 insertions(+)
>>
>> diff --git a/drivers/tty/serial/samsung_tty.c b/drivers/tty/serial/samsung_tty.c
>> index dd751e7010e3..c07877dd25fa 100644
>> --- a/drivers/tty/serial/samsung_tty.c
>> +++ b/drivers/tty/serial/samsung_tty.c
>> @@ -1488,10 +1488,18 @@ static unsigned int s3c24xx_serial_getclk(struct s3c24xx_uart_port *ourport,
>> calc_deviation = -calc_deviation;
>>
>> if (calc_deviation < deviation) {
>> + /*
>> + * If we find a better clk, release the previous one, if
>> + * any.
>> + */
>> + if (!IS_ERR(*best_clk))
>
> what is the case when *best_clk has an error in it?
The initial one? Open the place where the function is being called.
Best regards,
Krzysztof
Hi Krzysztof,
> On Sat, Jun 10, 2023 at 12:45:53PM +0200, Krzysztof Kozlowski wrote:
> On 10/06/2023 12:39, Andi Shyti wrote:
> > Hi Christophe,
> >
> > On Fri, Jun 09, 2023 at 06:45:39AM +0200, Christophe JAILLET wrote:
> >> When the best clk is searched, we iterate over all possible clk.
> >>
> >> If we find a better match, the previous one, if any, needs to be freed.
> >> If a better match has already been found, we still need to free the new
> >> one, otherwise it leaks.
> >>
> >> Fixes: 5f5a7a5578c5 ("serial: samsung: switch to clkdev based clock lookup")
> >> Signed-off-by: Christophe JAILLET <[email protected]>
> >> ---
> >> This patch is speculative. Review with care.
> >>
> >> I think that some clk_put() are also missing somewhere else in the driver
> >> but won't be able to investigate further.
> >> ---
> >> drivers/tty/serial/samsung_tty.c | 8 ++++++++
> >> 1 file changed, 8 insertions(+)
> >>
> >> diff --git a/drivers/tty/serial/samsung_tty.c b/drivers/tty/serial/samsung_tty.c
> >> index dd751e7010e3..c07877dd25fa 100644
> >> --- a/drivers/tty/serial/samsung_tty.c
> >> +++ b/drivers/tty/serial/samsung_tty.c
> >> @@ -1488,10 +1488,18 @@ static unsigned int s3c24xx_serial_getclk(struct s3c24xx_uart_port *ourport,
> >> calc_deviation = -calc_deviation;
> >>
> >> if (calc_deviation < deviation) {
> >> + /*
> >> + * If we find a better clk, release the previous one, if
> >> + * any.
> >> + */
> >> + if (!IS_ERR(*best_clk))
> >
> > what is the case when *best_clk has an error in it?
>
> The initial one? Open the place where the function is being called.
Right!
Reviewed-by: Andi Shyti <[email protected]>
Andi
>
> Best regards,
> Krzysztof
>
Hi Christophe,
On Fri, Jun 09, 2023 at 06:45:39AM +0200, Christophe JAILLET wrote:
> When the best clk is searched, we iterate over all possible clk.
>
> If we find a better match, the previous one, if any, needs to be freed.
> If a better match has already been found, we still need to free the new
> one, otherwise it leaks.
>
> Fixes: 5f5a7a5578c5 ("serial: samsung: switch to clkdev based clock lookup")
> Signed-off-by: Christophe JAILLET <[email protected]>
> ---
> This patch is speculative. Review with care.
>
> I think that some clk_put() are also missing somewhere else in the driver
> but won't be able to investigate further.
> ---
> drivers/tty/serial/samsung_tty.c | 8 ++++++++
> 1 file changed, 8 insertions(+)
>
> diff --git a/drivers/tty/serial/samsung_tty.c b/drivers/tty/serial/samsung_tty.c
> index dd751e7010e3..c07877dd25fa 100644
> --- a/drivers/tty/serial/samsung_tty.c
> +++ b/drivers/tty/serial/samsung_tty.c
> @@ -1488,10 +1488,18 @@ static unsigned int s3c24xx_serial_getclk(struct s3c24xx_uart_port *ourport,
> calc_deviation = -calc_deviation;
>
> if (calc_deviation < deviation) {
> + /*
> + * If we find a better clk, release the previous one, if
> + * any.
> + */
> + if (!IS_ERR(*best_clk))
what is the case when *best_clk has an error in it?
Andi
> + clk_put(*best_clk);
> *best_clk = clk;
> best_quot = quot;
> *clk_num = cnt;
> deviation = calc_deviation;
> + } else {
> + clk_put(clk);
> }
> }
>
> --
> 2.34.1
>