Re: [PATCH] serial: core: don't kfree device managed data

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



* Andy Shevchenko <andriy.shevchenko@xxxxxxxxxxxxxxx> [230606 14:54]:
> On Tue, Jun 06, 2023 at 04:37:49PM +0300, Tony Lindgren wrote:
> > * Andy Shevchenko <andriy.shevchenko@xxxxxxxxxxxxxxx> [230606 13:16]:
> > > On Tue, Jun 06, 2023 at 11:26:25AM +0300, Dan Carpenter wrote:
> > > > The put_device() function will call serial_base_ctrl_release() or
> > > > serial_base_port_release() so these kfrees() are a double free bug.
> 
> ...
> 
> > > These labels are also called without device being even added.
> > > So, this is not good enough as far as I can tell.
> > 
> > I guess you mean the possibe error returned from the call to
> > serial_base_device_init()?
> > 
> > If serial_base_device_init() fails, we return error and end up doing
> > the put_device().
> > 
> > We have serial_base_device_init() call device_initialize(), is that
> > not enough for put_device()?
> 
> It's not. The error is returned when device release callback is not assigned
> yet.

OK thanks for clarifying.

> And also just noticed since we return deferred probe, the message there should
> be ratelimited or given only _once().

We should be OK with debug here like Dan suggested.

Regards,

Tony



[Index of Archives]     [Kernel Newbies]     [Security]     [Netfilter]     [Bugtraq]     [Linux PPP]     [Linux FS]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Samba]     [Video 4 Linux]     [Linmodem]     [Device Mapper]     [Linux Kernel for ARM]

  Powered by Linux