From: "Uwe Kleine-König" <u.kleine-koenig@pengutronix.de>
To: Lars-Peter Clausen <lars@metafoo.de>
Cc: Alexandre Torgue <alexandre.torgue@foss.st.com>,
David Lechner <david@lechnology.com>,
Fabrice Gasnier <fabrice.gasnier@foss.st.com>,
Jarkko Nikula <jarkko.nikula@linux.intel.com>,
Kamel Bouhara <kamel.bouhara@bootlin.com>,
Maxime Coquelin <mcoquelin.stm32@gmail.com>,
Oleksij Rempel <linux@rempel-privat.de>,
Patrick Havelange <patrick.havelange@essensium.com>,
Syed Nayyar Waris <syednwaris@gmail.com>,
William Breathitt Gray <vilhelm.gray@gmail.com>,
linux-arm-kernel@lists.infradead.org, linux-iio@vger.kernel.org,
linux-kernel@vger.kernel.org,
linux-stm32@st-md-mailman.stormreply.com
Subject: Re: [PATCH 0/8] counter: Remove struct counter_device::priv
Date: Tue, 21 Dec 2021 12:35:42 +0100 [thread overview]
Message-ID: <20211221113542.rl4aburbzzrgs3km@pengutronix.de> (raw)
In-Reply-To: <dadb79b2-ac21-1899-48b9-1c6723afb1b4@metafoo.de>
[-- Attachment #1: Type: text/plain, Size: 2012 bytes --]
Hello Lars,
On Tue, Dec 21, 2021 at 12:12:12PM +0100, Lars-Peter Clausen wrote:
> On 12/21/21 11:45 AM, Uwe Kleine-König wrote:
> > similar to patch
> > https://lore.kernel.org/r/4bde7cbd9e43a5909208102094444219d3154466.1640072891.git.vilhelm.gray@gmail.com
> > the usage of struct counter_device::priv can be replaced by
> > container_of which improves type safety and code size.
> >
> > This series depends on above patch, converts the remaining drivers and
> > finally drops struct counter_device::priv.
>
> Not sure if this is such a good idea. struct counter_device should not be
> embedded in the drivers state struct in the first place.
Just to mention it: My patch series didn't change this, this was already
broken before.
> struct counter_device contains a struct device, which is a reference counted
> object. But by embedding it in the driver state struct the life time of both
> the struct counter_device and and struct device are bound to the life time
> of the driver state struct.
>
> Which means the struct device memory can get freed before the last reference
> is dropped, which leads to a use-after-free and undefined behavior.
Well, the driver struct is allocated using devm_kzalloc for all drivers.
So I think it's not *very* urgent to fix. Still you're right, this
should be addressed.
> The framework should be changed to rather then embedding the struct
> counter_device in the state struct to just have a pointer to it. With the
> struct counter_device having its own allocation that will be freed when the
> last reference to the struct device is dropped.
My favourite would be to implement a counter_device_alloc /
counter_device_add approach, similar to what spi_alloc_controller and
alloc_etherdev do. The downside is that this isn't typesafe either :-\
Best regards
Uwe
--
Pengutronix e.K. | Uwe Kleine-König |
Industrial Linux Solutions | https://www.pengutronix.de/ |
[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 488 bytes --]
WARNING: multiple messages have this Message-ID (diff)
From: "Uwe Kleine-König" <u.kleine-koenig@pengutronix.de>
To: Lars-Peter Clausen <lars@metafoo.de>
Cc: Alexandre Torgue <alexandre.torgue@foss.st.com>,
David Lechner <david@lechnology.com>,
Fabrice Gasnier <fabrice.gasnier@foss.st.com>,
Jarkko Nikula <jarkko.nikula@linux.intel.com>,
Kamel Bouhara <kamel.bouhara@bootlin.com>,
Maxime Coquelin <mcoquelin.stm32@gmail.com>,
Oleksij Rempel <linux@rempel-privat.de>,
Patrick Havelange <patrick.havelange@essensium.com>,
Syed Nayyar Waris <syednwaris@gmail.com>,
William Breathitt Gray <vilhelm.gray@gmail.com>,
linux-arm-kernel@lists.infradead.org, linux-iio@vger.kernel.org,
linux-kernel@vger.kernel.org,
linux-stm32@st-md-mailman.stormreply.com
Subject: Re: [PATCH 0/8] counter: Remove struct counter_device::priv
Date: Tue, 21 Dec 2021 12:35:42 +0100 [thread overview]
Message-ID: <20211221113542.rl4aburbzzrgs3km@pengutronix.de> (raw)
In-Reply-To: <dadb79b2-ac21-1899-48b9-1c6723afb1b4@metafoo.de>
[-- Attachment #1.1: Type: text/plain, Size: 2012 bytes --]
Hello Lars,
On Tue, Dec 21, 2021 at 12:12:12PM +0100, Lars-Peter Clausen wrote:
> On 12/21/21 11:45 AM, Uwe Kleine-König wrote:
> > similar to patch
> > https://lore.kernel.org/r/4bde7cbd9e43a5909208102094444219d3154466.1640072891.git.vilhelm.gray@gmail.com
> > the usage of struct counter_device::priv can be replaced by
> > container_of which improves type safety and code size.
> >
> > This series depends on above patch, converts the remaining drivers and
> > finally drops struct counter_device::priv.
>
> Not sure if this is such a good idea. struct counter_device should not be
> embedded in the drivers state struct in the first place.
Just to mention it: My patch series didn't change this, this was already
broken before.
> struct counter_device contains a struct device, which is a reference counted
> object. But by embedding it in the driver state struct the life time of both
> the struct counter_device and and struct device are bound to the life time
> of the driver state struct.
>
> Which means the struct device memory can get freed before the last reference
> is dropped, which leads to a use-after-free and undefined behavior.
Well, the driver struct is allocated using devm_kzalloc for all drivers.
So I think it's not *very* urgent to fix. Still you're right, this
should be addressed.
> The framework should be changed to rather then embedding the struct
> counter_device in the state struct to just have a pointer to it. With the
> struct counter_device having its own allocation that will be freed when the
> last reference to the struct device is dropped.
My favourite would be to implement a counter_device_alloc /
counter_device_add approach, similar to what spi_alloc_controller and
alloc_etherdev do. The downside is that this isn't typesafe either :-\
Best regards
Uwe
--
Pengutronix e.K. | Uwe Kleine-König |
Industrial Linux Solutions | https://www.pengutronix.de/ |
[-- Attachment #1.2: signature.asc --]
[-- Type: application/pgp-signature, Size: 488 bytes --]
[-- Attachment #2: Type: text/plain, Size: 176 bytes --]
_______________________________________________
linux-arm-kernel mailing list
linux-arm-kernel@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/linux-arm-kernel
next prev parent reply other threads:[~2021-12-21 11:36 UTC|newest]
Thread overview: 25+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-12-21 10:45 [PATCH 0/8] counter: Remove struct counter_device::priv Uwe Kleine-König
2021-12-21 10:45 ` Uwe Kleine-König
2021-12-21 10:45 ` [PATCH 1/8] counter: 104-quad-8: Use container_of instead of " Uwe Kleine-König
2021-12-21 10:45 ` [PATCH 2/8] counter: ftm-quaddec: " Uwe Kleine-König
2021-12-21 10:45 ` [PATCH 3/8] counter: intel-qeb: " Uwe Kleine-König
2021-12-21 10:45 ` [PATCH 4/8] counter: interrupt-cnt: " Uwe Kleine-König
2021-12-21 10:45 ` [PATCH 5/8] counter: microchip-tcp-capture: " Uwe Kleine-König
2021-12-21 10:45 ` Uwe Kleine-König
2021-12-21 10:45 ` [PATCH 6/8] counter: stm32-lptimer-cnt: " Uwe Kleine-König
2021-12-21 10:45 ` Uwe Kleine-König
2021-12-21 10:45 ` [PATCH 7/8] counter: stm32-timer-cnt: " Uwe Kleine-König
2021-12-21 10:45 ` Uwe Kleine-König
2021-12-21 10:45 ` [PATCH 8/8] counter: Remove unused member from struct counter_device Uwe Kleine-König
2021-12-21 11:12 ` [PATCH 0/8] counter: Remove struct counter_device::priv Lars-Peter Clausen
2021-12-21 11:12 ` Lars-Peter Clausen
2021-12-21 11:35 ` Uwe Kleine-König [this message]
2021-12-21 11:35 ` Uwe Kleine-König
2021-12-21 12:04 ` Lars-Peter Clausen
2021-12-21 12:04 ` Lars-Peter Clausen
2021-12-21 13:22 ` Uwe Kleine-König
2021-12-21 13:22 ` Uwe Kleine-König
2021-12-21 14:12 ` Lars-Peter Clausen
2021-12-21 14:12 ` Lars-Peter Clausen
2021-12-22 17:51 ` Uwe Kleine-König
2021-12-22 17:51 ` Uwe Kleine-König
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20211221113542.rl4aburbzzrgs3km@pengutronix.de \
--to=u.kleine-koenig@pengutronix.de \
--cc=alexandre.torgue@foss.st.com \
--cc=david@lechnology.com \
--cc=fabrice.gasnier@foss.st.com \
--cc=jarkko.nikula@linux.intel.com \
--cc=kamel.bouhara@bootlin.com \
--cc=lars@metafoo.de \
--cc=linux-arm-kernel@lists.infradead.org \
--cc=linux-iio@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-stm32@st-md-mailman.stormreply.com \
--cc=linux@rempel-privat.de \
--cc=mcoquelin.stm32@gmail.com \
--cc=patrick.havelange@essensium.com \
--cc=syednwaris@gmail.com \
--cc=vilhelm.gray@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.