Hi Hans, On Friday 16 Dec 2016 12:39:49 Hans Verkuil wrote: > On 15/12/16 20:40, Shuah Khan wrote: > > Using devm resources that have external dependencies such as a dev > > for a file handler could result in devm resources getting released > > durin unbind while an application has the file open holding pointer > > to the devm resource. This results in use-after-free errors when the > > application exits. > > That's solving the wrong problem. > > The real problem is that when registering a video_device it should do > this: > > devnode->cdev.kobj.parent = &devnode->dev.kobj; > > (taken from cec-core.c) > > This will prevent isp->dev from being released as long as there is a > filehandle still open. But it won't be enough, devm_* resources are released at unbind time, not at device release time. Right after the unbind (.remove() for platform devices) handler returns, devm_kzalloc allocated memory goes away. > After that change I believe that this will work correctly, but this > has to be tested first! -- Regards, Laurent Pinchart -- To unsubscribe from this list: send the line "unsubscribe linux-media" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
