Received: by 2002:a05:6358:d09b:b0:dc:cd0c:909e with SMTP id jc27csp11111719rwb; Fri, 25 Nov 2022 11:11:14 -0800 (PST) X-Google-Smtp-Source: AA0mqf56Cg+KhiH9s0kIpt85QVk0lEGcrx70rjURT7yu19iaikDVWWjT4hKxtNbwXAYWiJRB6vHj X-Received: by 2002:a17:902:ec01:b0:186:878e:3b0d with SMTP id l1-20020a170902ec0100b00186878e3b0dmr19803545pld.149.1669403474254; Fri, 25 Nov 2022 11:11:14 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1669403474; cv=none; d=google.com; s=arc-20160816; b=QhQbEzwHs8vIwj9BxY3Zjeik2mS3x2D2R4JlCJw7G4zsAodAEx0b3sLLXMwecJJBEn f7Dgc4cSFKpTZ9YPgjhMxjLbPwX8Me39r+pYsqK2AP32PJnhCE1tOj/e47tmsQqv254Z MH4ngQ/IoAPoAG+hJrruh46VWrX2ExuzCH96ctwvwH5/k8T88aDtJB1tFRuywbz+ulB0 2H7IWCVTQv0kIXexlf/aTpfgLouiZVBZI45JsCXxNVjUVDTaUksZFmeemo6DQzJ4ScdG yAK8C9D2kNruYIpWf7IffMwUXrGDrRB2QLxz8X1Nhy75urjIy+Xzfs/Cb6jEaHoGJZHS 0ERg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:cc:to:subject:message-id:date:from:in-reply-to :references:mime-version; bh=yVnYr+yRHxw7HWghSQNQQghN0tldZQ4+ZOhhs+c595w=; b=ToaNps57gDT1hB8U1pf1uaM24zbJbjQebH2QX0B/dGknyxgkxbxOFLIWtFCjIqPSkm KQYFdl6YF7REKnonqUfzgWCSbqHdPY2qzvbtJt1hECqz8+UFSerjLvKB2/JsDVfpT+9Q LeFLQndSa1c3uNtisoH62ITlf/r/2crJ93RBRU6qIbLXiKTnkNc+Jf9vu0QplHlHmTWp uq8zgSzLIvHlsDIfYAHBzMKOmYI5s8B8C3F/l2St+OQN/6CKY/UV8WxSbsjDmtHu3JSj 5+kOuKu+izQY4tPnZRGOjcxGBGyJ6ocEJqhoy9ZNsXb2o8MvzeXt6dVmnxeBwZ95ILSn c3mw== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id h8-20020a056a00230800b0056de69b0c76si5337979pfh.283.2022.11.25.11.11.03; Fri, 25 Nov 2022 11:11:14 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S229883AbiKYSpf (ORCPT + 85 others); Fri, 25 Nov 2022 13:45:35 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:54248 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229570AbiKYSpe (ORCPT ); Fri, 25 Nov 2022 13:45:34 -0500 Received: from mail-qt1-f181.google.com (mail-qt1-f181.google.com [209.85.160.181]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 2432545ECC; Fri, 25 Nov 2022 10:45:33 -0800 (PST) Received: by mail-qt1-f181.google.com with SMTP id h24so2988062qta.9; Fri, 25 Nov 2022 10:45:33 -0800 (PST) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=yVnYr+yRHxw7HWghSQNQQghN0tldZQ4+ZOhhs+c595w=; b=LAhVU1SJdEqS6lSb4k6n+oxLjqzB3WBNEisiZqT5830TPbUo1+/ZwjKCYXFBwsR0f+ f/7LCMECGqz8SRPxn5x1DQBJmyp/TTdXHQWWkVizSoMhiV1rtZLLEnv8xNz86nZbuc0T AkRPR9KoiamqaG8DXFw6qZs7FM0El+1s9xWmTCnuKH8gN8NU4KW9A2MEUUAXoPdlu/Rr Pvjy6DymFav/bODjmQULtg9pe6B5mBtWjEiorL74JOX4tE1rmZa9aCLakWXqYmbMpEPA BkqTDrPW4IdpBcklf17+/QrdngGHn1SisDBY18tNo/AuGgDMLurAzor92auBf/aA9vLc 0o4w== X-Gm-Message-State: ANoB5pkVv9Od87Xap/9Hr58pUis5W6PANGzifCBocugpM8/eyNFL4lKq VZa09XUcjo3TAw5+YiTbt1yxAVCtLgorNgNYzZU= X-Received: by 2002:ac8:1482:0:b0:3a5:1e6f:7e05 with SMTP id l2-20020ac81482000000b003a51e6f7e05mr19373259qtj.357.1669401932242; Fri, 25 Nov 2022 10:45:32 -0800 (PST) MIME-Version: 1.0 References: <20221112094048.3614365-1-yangyingliang@huawei.com> In-Reply-To: From: "Rafael J. Wysocki" Date: Fri, 25 Nov 2022 19:45:21 +0100 Message-ID: Subject: Re: [PATCH] powercap: fix possible name leak while device_register() fails To: Yang Yingliang Cc: Greg Kroah-Hartman , "Rafael J. Wysocki" , linux-pm@vger.kernel.org, Linux Kernel Mailing List Content-Type: text/plain; charset="UTF-8" X-Spam-Status: No, score=-1.4 required=5.0 tests=BAYES_00, FREEMAIL_FORGED_FROMDOMAIN,FREEMAIL_FROM,HEADER_FROM_DIFFERENT_DOMAINS, RCVD_IN_DNSWL_NONE,RCVD_IN_MSPIKE_H3,RCVD_IN_MSPIKE_WL,SPF_HELO_NONE, SPF_PASS autolearn=no autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Thu, Nov 24, 2022 at 3:16 AM Yang Yingliang wrote: > > > On 2022/11/24 3:25, Greg Kroah-Hartman wrote: > > On Wed, Nov 23, 2022 at 08:00:14PM +0100, Rafael J. Wysocki wrote: > >> On Sat, Nov 12, 2022 at 10:42 AM Yang Yingliang > >> wrote: > >>> If device_register() returns error, the name allocated by > Sorry, > I didn't describe clearly here, it's not only after device_register() > failure, but also in the error path before register, the name is not > freed, see description below. So you would need to update the changelog at least. But see below. > >>> dev_set_name() need be freed. In technical, we should call > >>> put_device() to give up the reference and free the name in > >>> driver core, but in some cases the device is not intizalized, > >>> put_device() can not be called, so don't complicate the code, > >>> just call kfree_const() to free name in the error path. > >>> > >>> Fixes: 75d2364ea0ca ("PowerCap: Add class driver") > >>> Signed-off-by: Yang Yingliang > >>> --- > >>> drivers/powercap/powercap_sys.c | 2 ++ > >>> 1 file changed, 2 insertions(+) > >>> > >>> diff --git a/drivers/powercap/powercap_sys.c b/drivers/powercap/powercap_sys.c > >>> index f0654a932b37..11e742dc83b9 100644 > >>> --- a/drivers/powercap/powercap_sys.c > >>> +++ b/drivers/powercap/powercap_sys.c > >>> @@ -572,6 +572,7 @@ struct powercap_zone *powercap_register_zone( > >>> err_name_alloc: > >>> idr_remove(power_zone->parent_idr, power_zone->id); > >>> err_idr_alloc: > >>> + kfree_const(dev_name(&power_zone->dev)); > >>> if (power_zone->allocated) > >>> kfree(power_zone); > >>> mutex_unlock(&control_type->lock); > >>> @@ -622,6 +623,7 @@ struct powercap_control_type *powercap_register_control_type( > >>> dev_set_name(&control_type->dev, "%s", name); > >>> result = device_register(&control_type->dev); > >>> if (result) { > >>> + kfree_const(dev_name(&control_type->dev)); > >> Why is it necessary to free a device name explicitly after a failing > >> device_register()? > powercap_register_zone() > { > ... > dev_set_name() // allocate name > ... > if (!power_zone->constraints) > goto err_const_alloc; //the name is leaked in this path > ... > if (!power_zone->zone_dev_attrs) > goto err_attr_alloc; //the name is leaked in this path > ... > if (result) > goto err_dev_ret; //the name is leaked in this path > > result = device_register(&power_zone->dev); > if (result) > goto err_dev_ret;//put_device() is not called, the name is > leaked in this path > ... > err_dev_ret: > kfree(power_zone->zone_dev_attrs); > err_attr_alloc: > kfree(power_zone->constraints); > err_const_alloc: > kfree(power_zone->name); > err_name_alloc: > idr_remove(power_zone->parent_idr, power_zone->id); > err_idr_alloc: > if (power_zone->allocated) > kfree(power_zone); > } So can't the dev_set_name() be reordered closer to device_register(), so it is not necessary to worry about freeing the name? > >> > >> If it is really necessary, then there is a problem in > >> device_register() itself AFAICS, because it uses dev_set_name() at > >> least in the dev->init_name present case. > When the dev_set_name() called in device_register(), if register fails, the > name is freed in its error path. But in this case, dev_set_name() is called > outside the register, it needs call put_device() to free the name. In any case, device_register() needs to take care of it anyway, because it uses dev_set_name() itself in the dev->init_name case, doesn't it?