Received: by 2002:a05:6a10:5bc5:0:0:0:0 with SMTP id os5csp276037pxb; Fri, 29 Oct 2021 09:37:49 -0700 (PDT) X-Google-Smtp-Source: ABdhPJzDleF9tZtLI4o32BJMCEG78UkBfmZV00wouCi1aFEeNntUijYQP2hRQbuQ4LyisXOyznix X-Received: by 2002:a05:6e02:1521:: with SMTP id i1mr8053728ilu.252.1635525468864; Fri, 29 Oct 2021 09:37:48 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1635525468; cv=none; d=google.com; s=arc-20160816; b=ybgIhNy1I3Z2FCEvsBs44hhYQ/Eod9hAdmP0gQ9CaKFnhhLcDui7o+CyrOxa2aqTJ9 tAMPqxAldDQDyjkc4tVtnxQvZmdiD4XrIVPa4mgqoJzvOK97eB5Djw/Q7PKG8mHrT5Fz b+hnbkxUG8jbE0YdGN3mRWEixzovQMJGCS2WtF5AkR/ixSBQLYr68D9q4ck83SF7R08A bneg6ClliEUEE4WwPL8rIERJw5H7wWR1XnjA7G6MrIz7YcSQOaQE7KRy+gw8A+Qx9Bxg nD8zUzV6toO5w87QlbMppzrXgUBdgK1P6uA2VKgc9zbJrfvz1nwgFRHRGVXqLzW9nOCw WKmQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:cc:to:subject:message-id:date:from:in-reply-to :references:mime-version; bh=t7EbXoQnrBFVmC/CEdkKdyC1qllJNo666H7Pkno2xpg=; b=Y0r58rkTvOk89aMkj5xPk+Z96uorvgJuCG51aVnsKgzVNRRCbYDWNcHp92L+6j0fsH 3ZzNY1C5IYdgRIkvD9p7QGDrt9LM84QuquWl4fZeFRkNgImJ8hIIeolbCfHFMVfeCaPw 53RIjz55G+pRHiZsTL04q6fBR9byRoHiIkpS82sBi+5s3gIwozs0xlpCc6e98usMgfLC bQBJSHhZyZgzhPufg5KnTYB5lUqIouN6bO/SgHrU25UqhVKDWHFPFOft9Sd+VBftopBe Q0QNAMzoIXVmZ6F68bBrcw1YhDfmj/voMazF3Id1iwl5V1XqJDn9uIfZAoNhSS680mf8 8HVg== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id d9si3724840ioi.4.2021.10.29.09.37.22; Fri, 29 Oct 2021 09:37:48 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S229893AbhJ2Qhn (ORCPT + 99 others); Fri, 29 Oct 2021 12:37:43 -0400 Received: from mail-yb1-f171.google.com ([209.85.219.171]:34350 "EHLO mail-yb1-f171.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229623AbhJ2Qhl (ORCPT ); Fri, 29 Oct 2021 12:37:41 -0400 Received: by mail-yb1-f171.google.com with SMTP id o12so25704277ybk.1; Fri, 29 Oct 2021 09:35:12 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=t7EbXoQnrBFVmC/CEdkKdyC1qllJNo666H7Pkno2xpg=; b=OAxTsAdLjzEjsnLboXyYhiYOOUCkBCnbHFQhDjHXF/6zhQz016Kw/xa+fCDu2QQ79S Bnj2NXpEcccI0fsR0VOGzgPiFK/TqmO2U2g5k5GQIui7VG/do636PGzVwqo//T3KOPkq 4XXYaSbw+rAOeQFo+d0WtJf25VKODKO+R9h6+FhXlFQwH38AFTDQLfwe0Rphvsf+OElB aKVa0ynklDatUjwHJY4MPKUu1yHoEnB1yBRuYbo4osW549lE1Emfg5iIqvB9D7sYxNKB Thm6Zyz8yqj9BNDe5g5fILP0Zaops/hzRMhye/tRvXl8qzZl9otU4bhsePkNkd19N9Ir FGJQ== X-Gm-Message-State: AOAM533jetbuMTS1bpbulRlSOxnZeGuhjJUrW+9CYF8VLxL5giuq4X+E +kn5wjnHPLMrhwo5MDDKSJD7twNLEtbmlDD5sb5XXzohqM8= X-Received: by 2002:a25:820b:: with SMTP id q11mr12743500ybk.536.1635525312325; Fri, 29 Oct 2021 09:35:12 -0700 (PDT) MIME-Version: 1.0 References: <20211026180909.1953355-1-mailhol.vincent@wanadoo.fr> <20211029113405.hbqcu6chf5e3olrm@pengutronix.de> In-Reply-To: <20211029113405.hbqcu6chf5e3olrm@pengutronix.de> From: Vincent MAILHOL Date: Sat, 30 Oct 2021 01:35:01 +0900 Message-ID: Subject: Re: [RFC PATCH v1] can: m_can: m_can_read_fifo: fix memory leak in error branch To: Marc Kleine-Budde Cc: linux-can , netdev , open list , Matt Kline , Sean Nyekjaer , Chandrasekar Ramakrishnan Content-Type: text/plain; charset="UTF-8" Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Fri. 29 Oct 2021 at 20:34, Marc Kleine-Budde wrote: > On 27.10.2021 03:09:09, Vincent Mailhol wrote: > > In m_can_read_fifo(), if the second call to m_can_fifo_read() fails, > > the function jump to the out_fail label and returns without calling > > m_can_receive_skb(). This means that the skb previously allocated by > > alloc_can_skb() is not freed. In other terms, this is a memory leak. > > > > This patch adds a new goto statement: out_receive_skb and do some > > small code refactoring to fix the issue. > > This means we pass a skb to the user space, which contains wrong data. > Probably 0x0, but if the CAN frame doesn't contain 0x0, it's wrong. That > doesn't look like a good idea. If the CAN frame broke due to a CRC issue > on the wire it is not received. IMHO it's best to discard the skb and > return the error. Arg... Guess I made the right choice to tag the patch as RFC... Just one question, what is the correct function to discard the skb? The driver uses the napi polling system (which I am not entirely familiar with). Does it mean that the rx is not done in IRQ context and that we can simply use kfree_skb() instead of dev_kfree_skb_irq()? Yours sincerely, Vincent Mailhol