Received: by 2002:a05:6902:102b:0:0:0:0 with SMTP id x11csp2608963ybt; Tue, 16 Jun 2020 10:12:37 -0700 (PDT) X-Google-Smtp-Source: ABdhPJyxJRHZV18BmkZetQ8IujecJMg0w0N0zyz3GdKeXPfCUce3g+H6wA0nahwgJ2jJ2bJvEduw X-Received: by 2002:a17:906:2cd5:: with SMTP id r21mr3662918ejr.20.1592327557665; Tue, 16 Jun 2020 10:12:37 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1592327557; cv=none; d=google.com; s=arc-20160816; b=t6ntOX/n556HEhmCYIf7MKdJAM3j9HfJ5o20dS4R+PwlN6qqFV2njNjn67jgBNlD+w RsHepQ+UWk9VMgOPtEAYiRM49DLokI0hc0MpG8kBHEL4jtlAuamOB/e5n+D6q3/ebUT/ h9ovD3apH/8eol7HfEcztAARMOObUqdRHo7Gp3ytxiuLrsY3/nFCBNOhpPy//hhPXUuE dM8Hrz3G8n3L1trWTWim+yGReucGhLCcrn5IgrdQzvFdTxaodfpxFGONAbO3wpiT2a0N I+Qim5/otfcTg+w6CoRJkbEneg2GproAhU1cZBIAcrLqvQHHUVdxq2r4ek4T78bFiS+a C29w== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:in-reply-to:content-transfer-encoding :content-disposition:mime-version:references:message-id:subject:cc :to:from:date:dkim-signature; bh=7lURMaUe5jYtdKF0zOSuNKzOTK40y+fdChsIGC4i+C8=; b=S/vwk9ZieXtzjfy9W3GV5Uiwx72ZGr3uOdzlFOWiTonnZcAZfmiAn2OKYgkqmtglv5 KtUb1WbnDeyT1lkoBEbhp7MDeWpo6DtM7gxfB8QQnAm0MvNlRNnaZKRyuolngxoOggSI ZHOG7Q5Iz1p3aH2eJCcSlo5OrqyLDAQR9Hr1o23/R1ZRSilvmEdpk6neoedex1OLjB1q Djt3zPAjqQVcU+p3CPgNMyaeRoxlg8ibu6WcHvy0xHp5FsiJJ1otpbbGI/4akFgq6Xt+ ObuuAJYHtBv/hxItAfooeo+bJUEAEmSNjwT1cfI7uY8Bc3JlesGdqK1zYJdSzH+PuTOe VN4w== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=KLfrT4xl; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id kt18si11229983ejb.511.2020.06.16.10.12.14; Tue, 16 Jun 2020 10:12:37 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=KLfrT4xl; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1730393AbgFPRKQ (ORCPT + 99 others); Tue, 16 Jun 2020 13:10:16 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:59374 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1730080AbgFPRKP (ORCPT ); Tue, 16 Jun 2020 13:10:15 -0400 Received: from mail-pl1-x642.google.com (mail-pl1-x642.google.com [IPv6:2607:f8b0:4864:20::642]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id B20BBC061573 for ; Tue, 16 Jun 2020 10:10:14 -0700 (PDT) Received: by mail-pl1-x642.google.com with SMTP id y17so8659091plb.8 for ; Tue, 16 Jun 2020 10:10:14 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=date:from:to:cc:subject:message-id:references:mime-version :content-disposition:content-transfer-encoding:in-reply-to; bh=7lURMaUe5jYtdKF0zOSuNKzOTK40y+fdChsIGC4i+C8=; b=KLfrT4xlbC42G1UvczEXZXkAdwiOIRXjPtQ9jnYbnZOB6WnVRtkxJX9zyYP8OOSgya yJ+wsxPA/XBz5RaoReBWYfgzA8tyhOBHxb/c+wfp0QbxIS8WF60iOsoVdRGWG2+yn+sG rD8SQSOZY9HUWtRFKWPiRF4hYOdyMwFFMJR8RcLpTspe5FnnNVWqb1ih1iQJbkPp9XyD 3VamWAAVJLFnZBp0cdu2t5kZcGly0SMvJSKgxMaA46NpyqqbyMgLrAU104dntPhHqXzc m+zhLkBLOJdP1VdUOcMC9Myr3p6nQh6oyiSgCVm7G07dWIrNs4DLtvJABTsplHs3CBF8 XLxQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:date:from:to:cc:subject:message-id:references :mime-version:content-disposition:content-transfer-encoding :in-reply-to; bh=7lURMaUe5jYtdKF0zOSuNKzOTK40y+fdChsIGC4i+C8=; b=YD3ma1x9rqmhUvYpNjCfcADnajzakgVIc0jhq5o6yh9ZBmXE2AW+682RSPuodpxZKH vO3mxtY+pWhUePMiEcPUcUcrEOFD86E4/AUY7N5PWBlgtOrBf3QxxRd8poTg9ldoN8bf Dq0dpTn1kdopR50y0sjwvfj6UsHTl4FZhPnTKqpklLI0P9Rvg21Xg8+c9JFdlD2BV/6q HVQksimtyjiVo5xG8EIqdKsaQlRDiShpTU5dU5UnssT4kbQYmlotjXjAfawFWHadmMOf O3WVPXKB+KdXfkHUob2OZlEYRdKC9BPnUzRlpxBUO7+UBEt0TFvnesRdQ3xY48ugNS70 YgEQ== X-Gm-Message-State: AOAM532W9DS/MnX9fSv5pkebWSE8dFBo3mqxVVzB2SHtoaWjhq9kbv4h 0LfABDNdYC1BxsUh6Xtml+1sHQ== X-Received: by 2002:a17:902:b493:: with SMTP id y19mr2845887plr.186.1592327414149; Tue, 16 Jun 2020 10:10:14 -0700 (PDT) Received: from xps15 (S0106002369de4dac.cg.shawcable.net. [68.147.8.254]) by smtp.gmail.com with ESMTPSA id m7sm18131736pfb.1.2020.06.16.10.10.13 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 16 Jun 2020 10:10:13 -0700 (PDT) Date: Tue, 16 Jun 2020 11:10:11 -0600 From: Mathieu Poirier To: Clement Leger Cc: Andy Gross , Bjorn Andersson , Ohad Ben-Cohen , linux-arm-msm@vger.kernel.org, linux-remoteproc@vger.kernel.org, linux-kernel@vger.kernel.org Subject: Re: [PATCH] rpmsg: fix driver_override memory leak Message-ID: <20200616171011.GA461427@xps15> References: <20200611185012.23815-1-cleger@kalray.eu> MIME-Version: 1.0 Content-Type: text/plain; charset=iso-8859-1 Content-Disposition: inline Content-Transfer-Encoding: 8bit In-Reply-To: <20200611185012.23815-1-cleger@kalray.eu> Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Hi Cl?ment, On Thu, Jun 11, 2020 at 08:50:12PM +0200, Clement Leger wrote: > rpmsg_core allows to override driver using driver_override sysfs > attribute. When used, the sysfs store function will duplicate the user > provided string using kstrndup. However, when the rpdev is released, > the driver_override attribute is not freed. In order to have a > consistent allocation and release, use kstrdup in > rpmsg_chrdev_register_device and move it in rpmsg_core.c to avoid > header dependencies. Moreover, add a rpmsg_release_device function to > be called in device release. Drivers using rpmsg have been modified to > use this function and ensure there will be no more memory leak when > releasing rpmsg devices. > This was found with kmemleak while using remoteproc and virtio. > > Signed-off-by: Clement Leger > --- > drivers/rpmsg/qcom_glink_native.c | 1 + > drivers/rpmsg/qcom_smd.c | 1 + > drivers/rpmsg/rpmsg_core.c | 22 ++++++++++++++++++++++ > drivers/rpmsg/rpmsg_internal.h | 15 ++------------- > drivers/rpmsg/virtio_rpmsg_bus.c | 1 + > 5 files changed, 27 insertions(+), 13 deletions(-) > > diff --git a/drivers/rpmsg/qcom_glink_native.c b/drivers/rpmsg/qcom_glink_native.c > index 1995f5b3ea67..076997afc638 100644 > --- a/drivers/rpmsg/qcom_glink_native.c > +++ b/drivers/rpmsg/qcom_glink_native.c > @@ -1373,6 +1373,7 @@ static void qcom_glink_rpdev_release(struct device *dev) > struct glink_channel *channel = to_glink_channel(rpdev->ept); > > channel->rpdev = NULL; > + rpmsg_release_device(rpdev); > kfree(rpdev); > } > > diff --git a/drivers/rpmsg/qcom_smd.c b/drivers/rpmsg/qcom_smd.c > index 4abbeea782fa..f01174d0d4d9 100644 > --- a/drivers/rpmsg/qcom_smd.c > +++ b/drivers/rpmsg/qcom_smd.c > @@ -1047,6 +1047,7 @@ static void qcom_smd_release_device(struct device *dev) > struct rpmsg_device *rpdev = to_rpmsg_device(dev); > struct qcom_smd_device *qsdev = to_smd_device(rpdev); > > + rpmsg_release_device(rpdev); > kfree(qsdev); > } > > diff --git a/drivers/rpmsg/rpmsg_core.c b/drivers/rpmsg/rpmsg_core.c > index a6361cad608b..31de89c81b27 100644 > --- a/drivers/rpmsg/rpmsg_core.c > +++ b/drivers/rpmsg/rpmsg_core.c > @@ -554,6 +554,28 @@ int rpmsg_unregister_device(struct device *parent, > } > EXPORT_SYMBOL(rpmsg_unregister_device); > > +void rpmsg_release_device(struct rpmsg_device *rpdev) > +{ > + kfree(rpdev->driver_override); > +} > +EXPORT_SYMBOL(rpmsg_release_device); > + > +/** > + * rpmsg_chrdev_register_device() - register chrdev device based on rpdev > + * @rpdev: prepared rpdev to be used for creating endpoints > + * > + * This function wraps rpmsg_register_device() preparing the rpdev for use as > + * basis for the rpmsg chrdev. > + */ > +int rpmsg_chrdev_register_device(struct rpmsg_device *rpdev) > +{ > + strcpy(rpdev->id.name, "rpmsg_chrdev"); > + rpdev->driver_override = kstrdup("rpmsg_chrdev", GFP_KERNEL); Have you considered using devm_kstrdup() instead? Since the same rpdev is available here and in field##_store(), proceeding that way would prevent the need to add a new rpmsg_release_device() function. Depending on header dependencies rpmsg_chrdev_register_device() may also be able to remain in rpmsg_internal.h. Thanks, Mathieu > + > + return rpmsg_register_device(rpdev); > +} > +EXPORT_SYMBOL(rpmsg_chrdev_register_device); > + > /** > * __register_rpmsg_driver() - register an rpmsg driver with the rpmsg bus > * @rpdrv: pointer to a struct rpmsg_driver > diff --git a/drivers/rpmsg/rpmsg_internal.h b/drivers/rpmsg/rpmsg_internal.h > index 3fc83cd50e98..043b28f912fd 100644 > --- a/drivers/rpmsg/rpmsg_internal.h > +++ b/drivers/rpmsg/rpmsg_internal.h > @@ -75,19 +75,8 @@ int rpmsg_unregister_device(struct device *parent, > struct device *rpmsg_find_device(struct device *parent, > struct rpmsg_channel_info *chinfo); > > -/** > - * rpmsg_chrdev_register_device() - register chrdev device based on rpdev > - * @rpdev: prepared rpdev to be used for creating endpoints > - * > - * This function wraps rpmsg_register_device() preparing the rpdev for use as > - * basis for the rpmsg chrdev. > - */ > -static inline int rpmsg_chrdev_register_device(struct rpmsg_device *rpdev) > -{ > - strcpy(rpdev->id.name, "rpmsg_chrdev"); > - rpdev->driver_override = "rpmsg_chrdev"; > +int rpmsg_chrdev_register_device(struct rpmsg_device *rpdev); > > - return rpmsg_register_device(rpdev); > -} > +void rpmsg_release_device(struct rpmsg_device *rpdev); > > #endif > diff --git a/drivers/rpmsg/virtio_rpmsg_bus.c b/drivers/rpmsg/virtio_rpmsg_bus.c > index 07d4f3374098..af4ea6170f89 100644 > --- a/drivers/rpmsg/virtio_rpmsg_bus.c > +++ b/drivers/rpmsg/virtio_rpmsg_bus.c > @@ -381,6 +381,7 @@ static void virtio_rpmsg_release_device(struct device *dev) > struct rpmsg_device *rpdev = to_rpmsg_device(dev); > struct virtio_rpmsg_channel *vch = to_virtio_rpmsg_channel(rpdev); > > + rpmsg_release_device(rpdev); > kfree(vch); > } > > -- > 2.17.1 >