Received: by 2002:ac0:8c8e:0:0:0:0:0 with SMTP id r14csp814787ima; Wed, 6 Feb 2019 08:47:33 -0800 (PST) X-Google-Smtp-Source: AHgI3IblOiBriBCdwieJ32iBRC2JYTNAtWZppHFyWQ2Pmj8i7xAuWmvYGR5lxV7IkCZIOSQwbVL9 X-Received: by 2002:a17:902:a586:: with SMTP id az6mr11567324plb.298.1549471652850; Wed, 06 Feb 2019 08:47:32 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1549471652; cv=none; d=google.com; s=arc-20160816; b=hvqwxyFXPZoew3QB3UgRow0XDWXkXHuEbY9oJji34N7FCQDB9dlo/g3Nt4VXkdqe8D ebu+ITHLlC64H7v1F+B+J/pvhX5CeVqSjoycFmWlSChX7XTXEMB2PMoXlF5dngf91C6G mFgGFNr9dIgGH3gYN8lNNL9F/8GGFgAd5Dt+EumxKM8zdDgzOHnBNr26k5xXffbgNVtr Wcph7FDIP9ZoAdqMGZMiYRbeSY+gt5opVqVjHX6eX/6NWRzydnTVnN1T7I2zRFanuf4K 8PR5X3SfjodBsebhVntoKxW4szPuYlNGK29S9UJRuFap+7uSDY4YdEo/63Qa/djE1YUD wrQg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:user-agent:in-reply-to :content-disposition:mime-version:references:message-id:subject:cc :to:from:date:dkim-signature; bh=ZOneD8auqF48fGbOWeRMlBcBv4HBeUviqdvyoBHpAqg=; b=ErB/ZfJxQuMJVaRelMhqQz6wVmYsKVdKs+OqNsQ6JwlLeJHyzjlMnXwMEiSq+kYlKM TqJIPIZEmAF2kefP3rLfAJfr0xop5IZ9o1T+zQOSpVdVR97EgNTWkSTzUoCTbyny1siR VG0ibjnToGBbADkpBmyekqTP6zc/Q5DQVZjS/xsI8OqN/QV2wG42fScWF5DlMKdpULUJ 5AcOblsZWvaeNxdni3z0wD+Xv1EcpUeC3b2C4AuUWpCOwdaJD8jsBG96DD11YePCT/0x kf/Yx34a4U01bIEpGtdEtwn/RJWMaO8J6Kbs7Od6T/GQ7UcKj/NWsKaMhhgXT6VXFFs6 ZeNA== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@kernel.org header.s=default header.b=K2y2TNHr; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id z9si3015324pgf.54.2019.02.06.08.47.17; Wed, 06 Feb 2019 08:47:32 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@kernel.org header.s=default header.b=K2y2TNHr; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1731376AbfBFQrD (ORCPT + 99 others); Wed, 6 Feb 2019 11:47:03 -0500 Received: from mail.kernel.org ([198.145.29.99]:40380 "EHLO mail.kernel.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1728167AbfBFQrD (ORCPT ); Wed, 6 Feb 2019 11:47:03 -0500 Received: from localhost (mobile-107-92-61-93.mycingular.net [107.92.61.93]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPSA id A161220818; Wed, 6 Feb 2019 16:47:01 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=default; t=1549471622; bh=vfbZaUIj9koDm+NdubUYBHlXHtqfbk9FbL0dkj+CTjA=; h=Date:From:To:Cc:Subject:References:In-Reply-To:From; b=K2y2TNHrl5c6Fs+ExRYepZbaR46jdbl9P/cjvTqgW9bVo8aSbnT9lrMlBPX5mtdU5 rxspeOweU8G8kTo5092CclfcKFqTVACQb5HXIh2cIfyVyLMMHBJ/DMVafLHvtyzbat WmvfWl1S7fr//S3LWUDyps1A64SRdUDnvdMHDH0A= Date: Wed, 6 Feb 2019 17:46:57 +0100 From: Greg KH To: Sven Van Asbroeck Cc: Kees Cook , Tejun Heo , Lai Jiangshan , LKML , Sebastian Reichel , Dmitry Torokhov Subject: Re: [RFC v1 0/3] Address potential user-after-free on module unload Message-ID: <20190206164657.GC8466@kroah.com> References: <20190204220952.30761-1-TheSven73@googlemail.com> <20190205184355.GC22198@kroah.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.11.3 (2019-02-01) Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Tue, Feb 05, 2019 at 02:12:31PM -0500, Sven Van Asbroeck wrote: > On Tue, Feb 5, 2019 at 1:43 PM Greg KH wrote: > > > > > > It really should happen when the device is removed (if it is a driver > > that binds to a device.) > > Absolutely. That's why I'm advocating adding a devm_init_work(), > which will take care of this automatically. > > But it's of course not universally applicable. Not all drivers use devm. Ick, no, watch out for devm() calls. Odds are this is _NOT_ what you want to do for a device. Remember when devm calls get freed (hint, not at driver unbind/unload, but at device structure removal. By creating a work queue, you are suddenly tying module code to a device memory structure lifespan, both of which are totally independant. It's the same issue with the devm irq call, that has been nothing but a nightmare as everyone gets it wrong. Try to learn from our past mistakes please :) thanks, greg k-h