Received: by 2002:ac0:8c9a:0:0:0:0:0 with SMTP id r26csp4764259ima;
        Tue, 5 Feb 2019 00:35:06 -0800 (PST)
X-Google-Smtp-Source: AHgI3IbBd8WvwSinGHapeNwABU0CFxKNnHLn0UoiuRxtwI6KP0HeezFyZDYgTPWUa8SUkdXE/ziD
X-Received: by 2002:a62:1d4c:: with SMTP id d73mr3830531pfd.90.1549355706333;
        Tue, 05 Feb 2019 00:35:06 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; t=1549355706; cv=none;
        d=google.com; s=arc-20160816;
        b=Yym+UdvzQHYcFHXLWFVKj8V/cKgRF6/A+WMOgQleE4//2sA5Lre1h6EFCHVLR85VGx
         nbf5/TZiqvkTkZvpneoPIIwDLQcViE2LI+e+Vj792e7702hLXU8fxNWpj1HTfCqq45jR
         DJL+hJ3erZSD+RG9XwVpAzWR47IqlLm+i258RB3rcNETm8xO/2za80X/MR3Ppirukwb+
         c5EiE/ZHi7vlupzKvEKImwlcmY6P670DKAc8y9u5RrSugDkDHWShltLLhv6351MYyt0J
         bp+2jMiQq3aNoI/XJGg2DZMxd07RB+Xoxp6vWGY6IKNlNJC1iVHF5PTW2BnC8F/ZOC9Y
         jX2Q==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:user-agent:in-reply-to
         :content-disposition:mime-version:references:message-id:subject:cc
         :to:from:date:dkim-signature;
        bh=3dAd757oK9DJ6817+XFjlVmTe/i0/VmoSVVwNsgUheY=;
        b=KcbdudppkNKXorf+dNkkEuKjVr0p7Y8JbfS6dukhozM8UjMPvpD2nsmH7V1GpiqDKs
         6dGp2PgNr2p+OvqFwg55nWZ35BccrFleLOo4w7tItd8gz5uXNUJW1otaRnBZQ7YyvggB
         uVybQM78JYRKDNmK2BIVXxWLLe4hXYas/p5p0WBJuhtGzyOOFGYDi9fe7EVzN+E39vdU
         0vXhkGjw7A6IQHl+iuMaeMom0DSUwHsjhrzSD8gjX4ZlRX4Cc62n1ak1Ney/44MC8dEh
         DMljnlFazeJ2ZaRz3R1Xei6uw8Wz8f63GV5d/Pfdmft0bUL28Yp4WCz/hY6LT1Oky/1N
         id2w==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@gmail.com header.s=20161025 header.b=dvYzAd7S;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67])
        by mx.google.com with ESMTP id z22si2588819pfd.197.2019.02.05.00.34.50;
        Tue, 05 Feb 2019 00:35:06 -0800 (PST)
Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@gmail.com header.s=20161025 header.b=dvYzAd7S;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1727975AbfBEI1b (ORCPT <rfc822;xiaochao379261131@gmail.com>
        + 99 others); Tue, 5 Feb 2019 03:27:31 -0500
Received: from mail-pl1-f195.google.com ([209.85.214.195]:35564 "EHLO
        mail-pl1-f195.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S1725898AbfBEI1b (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Tue, 5 Feb 2019 03:27:31 -0500
Received: by mail-pl1-f195.google.com with SMTP id p8so1184349plo.2
        for <linux-kernel@vger.kernel.org>; Tue, 05 Feb 2019 00:27:30 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20161025;
        h=date:from:to:cc:subject:message-id:references:mime-version
         :content-disposition:in-reply-to:user-agent;
        bh=3dAd757oK9DJ6817+XFjlVmTe/i0/VmoSVVwNsgUheY=;
        b=dvYzAd7SgoIM7wKZsHUm5am5HAwq8kjSuGZjTfSu/V9xoKns/DY84ioQOp2d6dQAWW
         GXRW3bkeiHsTK389IpASsHxULP4mIE+wHi9Hj6qplp2ha4sTf6gwuDXYRIwz1GKYPH1s
         0G+f0aSIsEGYTEzrLAWxN54c0f5TWAgkJPXOiOEzHACvjWbRJaK/zVbJk4VBpa7xqov/
         9L9+ef14QATrtx+jc0dTP0g/odBWUEM1KEr8G+TplnQvxv4BISzV4ot5nTXoG79gCCYT
         Ik9/ySGPqtCaHkrJOAU4tsA56btXZOWbX+Ld03xMe91LRxn38ptHkEBPdb0MGRtDOvO0
         6HQQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20161025;
        h=x-gm-message-state:date:from:to:cc:subject:message-id:references
         :mime-version:content-disposition:in-reply-to:user-agent;
        bh=3dAd757oK9DJ6817+XFjlVmTe/i0/VmoSVVwNsgUheY=;
        b=HDF/0jYAKy5f/zB1uG5QnD97YXH0Os88FAojstGz8Nokyr2s/62D+0VGhoTkAgpYev
         YRAJp8BLDYU86o/MmheF/GNqwh3qATbB1rF8XQbQesCYGSGX5aOVhPSBm03MjSBMDFir
         N2tf1knZmFz5p309+AaJw2RpEMwNQLodFFBgMaqvdPhO+owf1n7gffEfu4xUjewjE2DK
         UfO6x/zGKo7bMmeW2a4cTl1X6XFhIgn5gXoDdBVdiVu6ppoMgPKI6aPN7UhRAR3N+03V
         /1PZcOFSom3idRFBqqDGDjsfCpAg0EDtSEKujQYGPIYpqWkK9wjTo+soQBCWC3/EzekV
         HZuQ==
X-Gm-Message-State: AHQUAuZf3HhHDvLSV1LXMZSNgwvPS1J4vz0D9Xwmgs/tuvqIjvN3zTgC
        +ApJJWjfbG8rb0DJb58IE7M=
X-Received: by 2002:a17:902:8497:: with SMTP id c23mr3859199plo.64.1549355250001;
        Tue, 05 Feb 2019 00:27:30 -0800 (PST)
Received: from dtor-ws ([2620:15c:202:201:3adc:b08c:7acc:b325])
        by smtp.gmail.com with ESMTPSA id w5sm2858086pfn.89.2019.02.05.00.27.28
        (version=TLS1_2 cipher=ECDHE-RSA-CHACHA20-POLY1305 bits=256/256);
        Tue, 05 Feb 2019 00:27:29 -0800 (PST)
Date:   Tue, 5 Feb 2019 00:27:27 -0800
From:   Dmitry Torokhov <dmitry.torokhov@gmail.com>
To:     Sven Van Asbroeck <thesven73@gmail.com>
Cc:     Tejun Heo <tj@kernel.org>, Lai Jiangshan <jiangshanlai@gmail.com>,
        linux-kernel@vger.kernel.org, Sebastian Reichel <sre@kernel.org>,
        Kees Cook <keescook@chromium.org>
Subject: Re: [RFC v1 2/3] max17042_battery: fix potential user-after-free on
 module unload
Message-ID: <20190205082727.GB118684@dtor-ws>
References: <20190204220952.30761-1-TheSven73@googlemail.com>
 <20190204220952.30761-3-TheSven73@googlemail.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <20190204220952.30761-3-TheSven73@googlemail.com>
User-Agent: Mutt/1.10.1 (2018-07-13)
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

On Mon, Feb 04, 2019 at 05:09:51PM -0500, Sven Van Asbroeck wrote:
> The work which is scheduled on a POR boot is potentially left
> pending or running until after the driver module is unloaded.
> 
> Fix by using resource-controlled version of INIT_WORK().
> 
> Signed-off-by: Sven Van Asbroeck <TheSven73@googlemail.com>
> ---
>  drivers/power/supply/max17042_battery.c | 5 ++++-
>  1 file changed, 4 insertions(+), 1 deletion(-)
> 
> diff --git a/drivers/power/supply/max17042_battery.c b/drivers/power/supply/max17042_battery.c
> index 2a8d75e5e930..a61e2b81f68a 100644
> --- a/drivers/power/supply/max17042_battery.c
> +++ b/drivers/power/supply/max17042_battery.c
> @@ -1100,7 +1100,10 @@ static int max17042_probe(struct i2c_client *client,
>  
>  	regmap_read(chip->regmap, MAX17042_STATUS, &val);
>  	if (val & STATUS_POR_BIT) {
> -		INIT_WORK(&chip->work, max17042_init_worker);
> +		ret = devm_init_work(&client->dev, &chip->work,
> +				max17042_init_worker);
> +		if (ret)
> +			return ret;
>  		schedule_work(&chip->work);

Are there many more instances of this? I am unsure if we need
devm_init_work() when we can easily do the same in remove() call.

Thanks.

-- 
Dmitry