Received: by 2002:a05:6a10:8c0a:0:0:0:0 with SMTP id go10csp3994828pxb; Mon, 1 Feb 2021 09:40:46 -0800 (PST) X-Google-Smtp-Source: ABdhPJyIphNSJdaZOM/pNU+G9yWNsRUxiofR6HZ2N/E+BgfsByYvRAwGElx2w+V9zp0dRDTpdbxJ X-Received: by 2002:a05:6402:1113:: with SMTP id u19mr19522033edv.205.1612201246705; Mon, 01 Feb 2021 09:40:46 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1612201246; cv=none; d=google.com; s=arc-20160816; b=Nbq6TVW8QJ/zqJ1QEiBsbZdrvBFwyQM2ZyMHitj48ZZ9l8EyZzZdqh8CkmdAGOgggh pV6jN433YO/aMlZSjnYzN/czJYFKvdBCeZZ3dGOwRG4y4oIq1x+tG2zB1gX5fx6UQAfA AfLE/ur0eiivQYL9nukUjAlyJANslxe7/9Cat+Gp+s5bt9KfvktV69czZpcoLty53eRp f0tzreqpdBUCjniiCJthPW4tXRV/DMDvtaGeORjNT14hLOxSwnQqe8yTI3y84sk80HIl 6Znmk1gvbvaQSX5qekHNoPbDR7ysWDlrF5Y2VYcDuDW3/ydjq/xu2CPVXxFT/fzSnENN 48/Q== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:cc:to:subject:message-id:date:from:in-reply-to :references:mime-version:dkim-signature; bh=H6yx9f8R2sg1FqRwpipM1vmfkjs77ldyQGrFxy8CsBg=; b=Z/p93qN7ya6tzqpnMZthuCL1+YSpNMC/rkc7RT1oaTKQ7UII3Q38wD+xKZhYBCzUiW RfY7lOwkQCMNC/dIvQxc7i9s9UGzoiMtg/asJGbR04ABQM4xaUuVVyH5qPdUy1hjOaiQ paPyeCI+YexclUsGuqDzO7P3MncRFsEx3e5Qv7OlJ3l4P8axYhgYRIweRD3BBoDaPxuR 0dUHI+QqDg/OP1czMs6Ru7izSSdKgI31lLfG1cEWNKtKBTFe36nhBvT6x4v3YQ/FiTLT 63MYTXv5ACDtqOxu/iIAVDRQfszE7SEAD0340o61KWFfgLdUZNyjAMVZe/sry0H+K+ks ZDJA== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@gmail.com header.s=20161025 header.b=aUPFPwy7; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id r14si4899838ejx.414.2021.02.01.09.40.21; Mon, 01 Feb 2021 09:40:46 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@gmail.com header.s=20161025 header.b=aUPFPwy7; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S232040AbhBARhn (ORCPT + 99 others); Mon, 1 Feb 2021 12:37:43 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:41032 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S231983AbhBARhk (ORCPT ); Mon, 1 Feb 2021 12:37:40 -0500 Received: from mail-pg1-x534.google.com (mail-pg1-x534.google.com [IPv6:2607:f8b0:4864:20::534]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 933A7C061573; Mon, 1 Feb 2021 09:37:00 -0800 (PST) Received: by mail-pg1-x534.google.com with SMTP id c132so12559577pga.3; Mon, 01 Feb 2021 09:37:00 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=H6yx9f8R2sg1FqRwpipM1vmfkjs77ldyQGrFxy8CsBg=; b=aUPFPwy7bk8XQTFX4LTmfLI15xsOY1AB9KwIyquDIx3B9CGHR1g1KRI3shDk/dQ8qJ c+AI9gSFAv6oj2/HwaRqGUGu1T+OxEOlXtELOc4xM3fo/m0UwI5newp8OzHOBexS1yQC C5SV6vvxxuOXyUVu4WPYIlrSUnZj/UOlgGJPWa87wxEU7rpZoArUv2XW+EeLGP/sY3k1 l1MQ94WwhuwUZGrzD/1XxrYMyPeHUfNrz0hyj7txBQR7/0EDUghyGe3nYunTm3QTS0pw 3J+3tndyRm8xRaH1t/S4AtNuOBnq/irjg3B+zE++fmmp11FYlsZ1LBsWTQdSAjnKg9LX tBDw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=H6yx9f8R2sg1FqRwpipM1vmfkjs77ldyQGrFxy8CsBg=; b=MVSlsojRUFjRIeljzTbzRHwnVy/VAW3TcWryuW5FsL22fTP8bzpRG6qlo+OqsVV5gb W1eZ+AJp9nHgTRrzawpWS56+LzHTlJKJ4iOhb0gIMaICCdOWIEiJdSlCVCg+TIG+RVXK zG2SOBGdBqDQkJU37euO50V7t17EqczN+f/e0qQTW5UrySL/93CV0TX/6wLlL1dH100V /PtD+WSGg3A6V4RaU5+Ks0hfk+OZRFtY1YmVJpngNwWFGxo4U93T89d3d24KXXZdpId/ e6XEkARAiaNFuLBBTLTAjaG6Kgoq0pmLtVHVKBEWFGcRLLfTSjVNKdEfjAPGf0oasxNH 0rXg== X-Gm-Message-State: AOAM533O4pr6HKRRqWwWlrmoxZpI0ZeZY27DbzP6IqQ0ahJA7GVYBolV d0gGhf77ET0i19+ExSmhaEZwdlHFLp9FqGqkko4= X-Received: by 2002:a62:5a86:0:b029:1ae:6b45:b6a9 with SMTP id o128-20020a625a860000b02901ae6b45b6a9mr17081018pfb.7.1612201020053; Mon, 01 Feb 2021 09:37:00 -0800 (PST) MIME-Version: 1.0 References: <20210129081917.1808218-1-quanyang.wang@windriver.com> <02e614e9-fe2f-d7b2-6c47-2431475780ed@windriver.com> In-Reply-To: From: Andy Shevchenko Date: Mon, 1 Feb 2021 19:36:44 +0200 Message-ID: Subject: Re: [PATCH] gpiolib: free device name on error path to fix kmemleak To: Bartosz Golaszewski Cc: "quanyang.wang" , Linus Walleij , "open list:GPIO SUBSYSTEM" , Linux Kernel Mailing List Content-Type: text/plain; charset="UTF-8" Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Mon, Feb 1, 2021 at 5:50 PM Bartosz Golaszewski wrote: > > On Sat, Jan 30, 2021 at 4:45 AM quanyang.wang > wrote: > > > > Hi Andy, > > > > On 1/30/21 1:26 AM, Andy Shevchenko wrote: > > > On Fri, Jan 29, 2021 at 2:01 PM wrote: > > >> From: Quanyang Wang > > >> > > >> In gpiochip_add_data_with_key, we should check the return value of > > >> dev_set_name to ensure that device name is allocated successfully > > >> and then add a label on the error path to free device name to fix > > >> kmemleak as below: > > > Thanks for the report. > > > Unfortunately... > > > > > >> + ret = dev_set_name(&gdev->dev, GPIOCHIP_NAME "%d", gdev->id); > > >> + if (ret) > > >> + goto err_free_ida; > > > ... > > > > > >> +err_free_dev_name: > > >> + kfree(dev_name(&gdev->dev)); > > > ...this approach seems to create a possible double free if I'm not mistaken. > > Thanks for your comment. I didn't catch the double free. Would you > > please point it out? > > > > > > The idea is that device name should be cleaned in kobject ->release() > > > callback when device is put. > > > > Yes, the device name should be freed by calling put_device(&gdev->dev). > > But int gpiochip_add_data_with_key, > > > > when running dev_set_name, "gdev->dev.release" hasn't been installed > > until in the tail of gpiochip_add_data_with_key. > > > > So we couldn't call put_device here. > > > > Any suggestion is much appreciated. > > > > Thanks, > > > > Quanyang > > > > > Can you elaborate? > > > > > Andy, > > gdev->dev.release is assigned as the very last step in > gpiochip_add_data_with_key() so the patch looks correct to me. Do you > still have objections? Maybe I'm not seeing something. OK! (Sorry, don't have time to look deeper, just remember that netdev code used to (or still?) have some twisted cases with device registration and similar syzcaller issue, but in that case it wasn't so easy to fix. -- With Best Regards, Andy Shevchenko