Received: by 2002:ad5:474a:0:0:0:0:0 with SMTP id i10csp2331918imu; Fri, 14 Dec 2018 09:17:29 -0800 (PST) X-Google-Smtp-Source: AFSGD/Ur8F/kJG18i4VKhsENIarb1kJQXryzYUFfEgJ/9vc46M0BKNVU09knWoWpwnCzYwJTkTrQ X-Received: by 2002:a17:902:45:: with SMTP id 63mr3467737pla.272.1544807849874; Fri, 14 Dec 2018 09:17:29 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1544807849; cv=none; d=google.com; s=arc-20160816; b=VCdlKHEBpbGMLgYiii3wz0O4A6IFRwBqFW+sNo6mOT8JjCw+2HLdQWzPhBfnsDPBFb kPBkBmHKtyQXWgRM3M/Cs+SVHzjfTyBxtg3bGK1KTK/xHVsBMQAPrWIyFIW9wfoTJoOt WoAO753X2ZuLzAv2vhtza9G+TuYL5updvbeTttbVUdesAqsPylb6oLfqnFtaf9ZzyIS3 sCHJk2OlJMI0dl5g/jp4R70i67f+6PTPh9xyAJ5hJL8jNxK9Go4q1rsbDrT1iEK3e3Kn 90w9N97zW+fqFDDKKUYHz+90qEA9dZ10UVELT/gyBfjJVBLnC2QWh1EZUqyPrhPETBdm vkIA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:dkim-signature; bh=nxfvPXQGhGpiSeSpoAp2wOt3Fraw5LBbBR+q6AGeniM=; b=NtPOPyWq70cH7Ol6qTTrc761oTMPP58d3QbFPjGW6k1bcB50cfmDe0voC69xxa3Cxr UjcsILYg/S0NM++PD0ntroBGQNxTCiBRwdJuLpdqY+YLgJ3qVB6p1sgrLhEzneeD/fs+ 460/naGDy6rT8HAjNXqacSis367jGu3mpQs/A3C5Y3Q7vWXZSH+mI0X85pNJt64cSUlB nRLreyiwOT2ez50OISWAWShVMR9JnNWcVJDDyLzipnrfCBnvWW5OQKLImxOWnhuym+Tw sSBH/jwud8HXrnGCurKX6DyJlS3SgeJ1BHSI2KRtQyuzU3iAZOHXeH2VELrRQ47yV4u4 0Y9w== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@kernel.org header.s=default header.b=i3Gg1yA8; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id 61si4476570plz.117.2018.12.14.09.17.13; Fri, 14 Dec 2018 09:17:29 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@kernel.org header.s=default header.b=i3Gg1yA8; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1730181AbeLNRPv (ORCPT + 99 others); Fri, 14 Dec 2018 12:15:51 -0500 Received: from mail.kernel.org ([198.145.29.99]:40236 "EHLO mail.kernel.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1729508AbeLNRPv (ORCPT ); Fri, 14 Dec 2018 12:15:51 -0500 Received: from mail-qt1-f178.google.com (mail-qt1-f178.google.com [209.85.160.178]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPSA id 497BE2070D; Fri, 14 Dec 2018 17:15:51 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=default; t=1544807751; bh=gDpPysTvFPjH+Q3xE4MMncwVDJ4s/xk7nl6RXCUksk0=; h=References:In-Reply-To:From:Date:Subject:To:Cc:From; b=i3Gg1yA8M/HoL2SG9Nil3QYvLJSiYnoK2CieOSe8HDWxAyKD8dzCvrenmaxucgNCZ Ce257l/R/M5ervAGp5S+rANazqGgM9e+ir2e+3FdRXs611ucdbyKd3qaX1+y0y+6Yk 9/8uEIbBIuHub74yQ5FJZ2IEaFp84qViRr7uB7qY= Received: by mail-qt1-f178.google.com with SMTP id d19so6951312qtq.9; Fri, 14 Dec 2018 09:15:50 -0800 (PST) X-Gm-Message-State: AA+aEWYjtBcNnWvHNDIGL0no1jw/K0JcrYItQVzHeWoDe9PpYUqd4JL8 Bopasc9GZ3Bmu4ECvmX5ZsAgrnJpwBr6rUpwoA== X-Received: by 2002:aed:29a6:: with SMTP id o35mr3589069qtd.257.1544807749457; Fri, 14 Dec 2018 09:15:49 -0800 (PST) MIME-Version: 1.0 References: <1544769771-5468-1-git-send-email-frowand.list@gmail.com> <1544769771-5468-2-git-send-email-frowand.list@gmail.com> In-Reply-To: <1544769771-5468-2-git-send-email-frowand.list@gmail.com> From: Rob Herring Date: Fri, 14 Dec 2018 11:15:36 -0600 X-Gmail-Original-Message-ID: Message-ID: Subject: Re: [PATCH 1/2] of: of_node_get()/of_node_put() nodes held in phandle cache To: Frank Rowand Cc: mwb@linux.vnet.ibm.com, linuxppc-dev , Michael Ellerman , Tyrel Datwyler , tlfalcon@linux.vnet.ibm.com, minkim@us.ibm.com, devicetree@vger.kernel.org, "linux-kernel@vger.kernel.org" Content-Type: text/plain; charset="UTF-8" Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Fri, Dec 14, 2018 at 12:43 AM wrote: > > From: Frank Rowand > > The phandle cache contains struct device_node pointers. The refcount > of the pointers was not incremented while in the cache, allowing use > after free error after kfree() of the node. Add the proper increment > and decrement of the use count. Since we pre-populate the cache at boot, all the nodes will have a ref count and will never be freed unless we happen to repopulate the whole cache. That doesn't seem ideal. The node pointer is not "in use" just because it is in the cache. Rob