Received: by 2002:a05:7412:31a9:b0:e2:908c:2ebd with SMTP id et41csp3013309rdb; Tue, 12 Sep 2023 21:46:57 -0700 (PDT) X-Google-Smtp-Source: AGHT+IHV9sX1E99OlAFZTHbNGPx/q9LBRptgQUOPPD/5BJSEGWfUtNjeNzxGqp7SFm26IsfUZiN/ X-Received: by 2002:a05:6808:23c3:b0:3a7:49e5:e0da with SMTP id bq3-20020a05680823c300b003a749e5e0damr2277005oib.26.1694580416788; Tue, 12 Sep 2023 21:46:56 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1694580416; cv=none; d=google.com; s=arc-20160816; b=Sue5KefUUyXQIQqpt08WIKHsI+XLw7owymaOZAhMXBE/WS/RFaTlM0ZMbEDm68XIwl CP2ZS9EystOrddtCbVrbTfFLv0hVh7ya+btg+pHJBTskeAsKr/zIbpCTp8qtpWHGb/ZZ QX26Fns+DreyjSbpM0z0h8iZKH4dCDkSiIYCeaKMzXGIOnXkxHyDTWdj2xRtfSw3TkOJ H+SfgOHnhOk6kAoH3nVKmS9Engs4DVW3e7zH9oGQydTzMxPFH4c7N5ZO3r0l6+iYvyt7 bVuTPzr1nHuANQNbmdLMR9a85MvPNR2x21/loZvZazifdIYX3DoHyePqbkCkF8gJWFlo NzJg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:in-reply-to:from :content-language:references:cc:to:subject:user-agent:mime-version :date:message-id:dkim-signature; bh=aNgBgv9OnusrgebcCk0iaXwksweRjqepyQABV/DjNqw=; fh=TqS4+TcicyNkDqXvAmTFGuUTy8kWuMU2pv3NjCYD9HY=; b=wFqG1nkdrsDQA3q6EHX5393xQM/L3Do27acJewq6ofFpyfvCjH3fG+K+CtMbvaKWIB F20nvotTszy2WZkR1GR/7s62m17hLWNVEaP9FF67jUBc+qRiun5eqmyTps5KdKylvG/B c3F/ljju37QrPCl/UoUo5mIpOWVXaQTwQvW0uySETS4f/cLWUhum4YW7R2KIUGAUyCV0 TAOdImzBIPYype6cVzOLSkiBb65ZtueZWPLZq9N9nSSOpUCBNIObRk0WrqFg8vdjWX+P r9WgJzyp8jfv3DjvDeWnBhj6AZ1drMOQdtG5ZuhiDeIYrUEF+firfmE1ObvcSD+Ldlki yXHA== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@ibm.com header.s=pp1 header.b=PwaMAhcI; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::3:4 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=NONE dis=NONE) header.from=ibm.com Return-Path: Received: from howler.vger.email (howler.vger.email. [2620:137:e000::3:4]) by mx.google.com with ESMTPS id bs186-20020a6328c3000000b005653f748afcsi9188162pgb.729.2023.09.12.21.46.56 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 12 Sep 2023 21:46:56 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::3:4 as permitted sender) client-ip=2620:137:e000::3:4; Authentication-Results: mx.google.com; dkim=pass header.i=@ibm.com header.s=pp1 header.b=PwaMAhcI; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::3:4 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=NONE dis=NONE) header.from=ibm.com Received: from out1.vger.email (depot.vger.email [IPv6:2620:137:e000::3:0]) by howler.vger.email (Postfix) with ESMTP id 62CEF84B192C; Mon, 11 Sep 2023 21:41:17 -0700 (PDT) X-Virus-Status: Clean X-Virus-Scanned: clamav-milter 0.103.10 at howler.vger.email Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S236691AbjILCH5 (ORCPT + 99 others); Mon, 11 Sep 2023 22:07:57 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:36246 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S238288AbjILCCd (ORCPT ); Mon, 11 Sep 2023 22:02:33 -0400 Received: from mx0b-001b2d01.pphosted.com (mx0b-001b2d01.pphosted.com [148.163.158.5]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id F29C8179D99 for ; Mon, 11 Sep 2023 18:33:36 -0700 (PDT) Received: from pps.filterd (m0353723.ppops.net [127.0.0.1]) by mx0a-001b2d01.pphosted.com (8.17.1.19/8.17.1.19) with ESMTP id 38BMcqCO020075; Mon, 11 Sep 2023 22:40:44 GMT DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ibm.com; h=message-id : date : mime-version : subject : to : cc : references : from : in-reply-to : content-type : content-transfer-encoding; s=pp1; bh=aNgBgv9OnusrgebcCk0iaXwksweRjqepyQABV/DjNqw=; b=PwaMAhcI1hdAEASKo1Xa3u6bPYA4CWN6otLl3pg1VdrwLR5jeEdBK9Dv3e17WyvzGBjU 5RjMNSeuGQkUOAkR6206W2MqxnTqpcoau6AYosSTci2NhggIbXyNbEeCI5/0MXvYzT4R ojUXX5EQQQkwtDOFj5tDY+qVxT/dayLncY/n87OxpGVNQg8NWoXtcsg/Rei+jsD544pj uwNYq1pwURodbT3wxTsZKFOi5XH7w8lvl/lZ9mDNVisWP1GfkZ9KUJrjs+4/PFf4d2ts ymCKrEShbvju6DJ7FSZjUJsvdDhd/hK0FEtxX6yTIr03DnVOppfZtrHoJmQ6l9DJxU3X Zw== Received: from ppma13.dal12v.mail.ibm.com (dd.9e.1632.ip4.static.sl-reverse.com [50.22.158.221]) by mx0a-001b2d01.pphosted.com (PPS) with ESMTPS id 3t2a9qj5wn-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Mon, 11 Sep 2023 22:40:44 +0000 Received: from pps.filterd (ppma13.dal12v.mail.ibm.com [127.0.0.1]) by ppma13.dal12v.mail.ibm.com (8.17.1.19/8.17.1.19) with ESMTP id 38BKc2tv002304; Mon, 11 Sep 2023 22:40:43 GMT Received: from smtprelay07.dal12v.mail.ibm.com ([172.16.1.9]) by ppma13.dal12v.mail.ibm.com (PPS) with ESMTPS id 3t158jwxa4-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Mon, 11 Sep 2023 22:40:43 +0000 Received: from smtpav05.dal12v.mail.ibm.com (smtpav05.dal12v.mail.ibm.com [10.241.53.104]) by smtprelay07.dal12v.mail.ibm.com (8.14.9/8.14.9/NCO v10.0) with ESMTP id 38BMeguT20906448 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Mon, 11 Sep 2023 22:40:43 GMT Received: from smtpav05.dal12v.mail.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id E07675805D; Mon, 11 Sep 2023 22:40:42 +0000 (GMT) Received: from smtpav05.dal12v.mail.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id A255158052; Mon, 11 Sep 2023 22:40:42 +0000 (GMT) Received: from [9.61.88.151] (unknown [9.61.88.151]) by smtpav05.dal12v.mail.ibm.com (Postfix) with ESMTP; Mon, 11 Sep 2023 22:40:42 +0000 (GMT) Message-ID: <73ba1505-d619-466e-981a-badb2658e6cb@linux.ibm.com> Date: Mon, 11 Sep 2023 17:40:42 -0500 MIME-Version: 1.0 User-Agent: Mozilla Thunderbird Subject: Re: [PATCH v1 2/2] fsi: sbefifo: Validate pending user write To: Joel Stanley , eajames@linux.ibm.com Cc: jk@ozlabs.org, alistair@popple.id.au, linux-fsi@lists.ozlabs.org, linux-kernel@vger.kernel.org References: <20230907221016.2978802-1-ninad@linux.ibm.com> <20230907221016.2978802-3-ninad@linux.ibm.com> Content-Language: en-US From: Ninad Palsule In-Reply-To: Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 7bit X-TM-AS-GCONF: 00 X-Proofpoint-GUID: FCy-hNz47PhGTfzDvErvaY40I0Xkr7hN X-Proofpoint-ORIG-GUID: FCy-hNz47PhGTfzDvErvaY40I0Xkr7hN X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.267,Aquarius:18.0.957,Hydra:6.0.601,FMLib:17.11.176.26 definitions=2023-09-11_18,2023-09-05_01,2023-05-22_02 X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 clxscore=1015 suspectscore=0 impostorscore=0 phishscore=0 lowpriorityscore=0 bulkscore=0 spamscore=0 priorityscore=1501 mlxscore=0 mlxlogscore=999 malwarescore=0 adultscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.12.0-2308100000 definitions=main-2309110207 Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.6.4 (howler.vger.email [0.0.0.0]); Mon, 11 Sep 2023 21:41:17 -0700 (PDT) Hi Joel, On 9/11/23 00:52, Joel Stanley wrote: > On Thu, 7 Sept 2023 at 22:10, Ninad Palsule wrote: >> This commit fails user write operation if previous write operation is >> still pending. >> >> As per the driver design write operation only prepares the buffer, the >> actual FSI write is performed on next read operation. so if buggy >> application sends two back to back writes or two parallel writes then >> that could cause memory leak. > The driver already has this code: Yes, I have improved the comment. > > >> Signed-off-by: Ninad Palsule >> --- >> drivers/fsi/fsi-sbefifo.c | 6 ++++++ >> 1 file changed, 6 insertions(+) >> >> diff --git a/drivers/fsi/fsi-sbefifo.c b/drivers/fsi/fsi-sbefifo.c >> index b771dff27f7f..824e2a921a25 100644 >> --- a/drivers/fsi/fsi-sbefifo.c >> +++ b/drivers/fsi/fsi-sbefifo.c >> @@ -874,6 +874,12 @@ static ssize_t sbefifo_user_write(struct file *file, const char __user *buf, >> >> mutex_lock(&user->file_lock); >> >> + /* Previous write is still in progress */ >> + if (user->pending_cmd) { >> + mutex_unlock(&user->file_lock); >> + return -EALREADY; > That's an unusual return code. I guess it makes sense in this context. > > It's good to fix the potential memory leak, and we should add code to > catch that case. > > This will change the behaviour of the character device from "overwrite > the previous operation" to "reject operation until a read is > performed". Do you think there's existing code that depends on the old > behaviour? I do not see any issue with this rejection. I thought user may wants to send reset while command is hung but that case is not valid as pending command will hold the lock. User can always close the connection and reopen if required. How do I find if this could cause the regression? > >> + } >> + >> /* Can we use the pre-allocate buffer ? If not, allocate */ >> if (len <= PAGE_SIZE) >> user->pending_cmd = user->cmd_page; >> -- >> 2.39.2 >>