From: Yang Yingliang <yangyingliang@huawei.com>
To: Luben Tuikov <luben.tuikov@amd.com>,
<linux-kernel@vger.kernel.org>, <qemu-devel@nongnu.org>,
<linux-f2fs-devel@lists.sourceforge.net>,
<linux-erofs@lists.ozlabs.org>, <ocfs2-devel@oss.oracle.com>,
<linux-mtd@lists.infradead.org>, <amd-gfx@lists.freedesktop.org>
Cc: <gregkh@linuxfoundation.org>, <rafael@kernel.org>,
<somlo@cmu.edu>, <mst@redhat.com>, <jaegeuk@kernel.org>,
<chao@kernel.org>, <hsiangkao@linux.alibaba.com>,
<huangjianan@oppo.com>, <mark@fasheh.com>, <jlbec@evilplan.org>,
<joseph.qi@linux.alibaba.com>, <akpm@linux-foundation.org>,
<alexander.deucher@amd.com>, <richard@nod.at>,
<liushixin2@huawei.com>
Subject: Re: [PATCH v2] kset: fix memory leak when kset_register() returns error
Date: Tue, 25 Oct 2022 10:16:33 +0800 [thread overview]
Message-ID: <26c8c125-453c-af32-a66c-2a37e964ce19@huawei.com> (raw)
In-Reply-To: <dcb8b35a-7d0d-cc00-41e3-6e66837c506f@amd.com>
Hi,
On 2022/10/25 5:25, Luben Tuikov wrote:
> On 2022-10-24 17:06, Luben Tuikov wrote:
>> On 2022-10-24 08:19, Yang Yingliang wrote:
>>> Inject fault while loading module, kset_register() may fail.
>>> If it fails, the name allocated by kobject_set_name() which
>>> is called before kset_register() is leaked, because refcount
>>> of kobject is hold in kset_init().
>> "is hold" --> "was set".
>>
>> Also, I'd say "which must be called" instead of "is", since
>> we cannot register kobj/kset without a name--the kobj code crashes,
>> and we want to make this clear. IOW, a novice user may wonder
>> where "is" it called, as opposed to learning that they "must"
>> call it to allocate/set a name, before calling kset_register().
>>
>> So, I'd say this:
>>
>> "If it fails, the name allocated by kobject_set_name() which must
>> be called before a call to kset_regsiter() is leaked, since
>> refcount of kobj was set in kset_init()."
> Actually, to be a bit more clear:
>
> "If kset_register() fails, the name allocated by kobject_set_name(),
> namely kset.kobj.name, which must be called before a call to kset_register(),
> may be leaked, if the caller doesn't explicitly free it, say by calling kset_put().
>
> To mitigate this, we free the name in kset_register() when an error is encountered,
> i.e. when kset_register() returns an error."
Thanks for you suggestion.
>
>>> As a kset may be embedded in a larger structure which needs
>>> be freed in release() function or error path in callers, we
>> Drop "As", start with "A kset". "which needs _to_ be".
>> Also please specify that the release is part of the ktype,
>> like this:
>>
>> "A kset may be embedded in a larger structure which needs to be
>> freed in ktype.release() or error path in callers, we ..."
>>
>>> can not call kset_put() in kset_register(), or it will cause
>>> double free, so just call kfree_const() to free the name and
>>> set it to NULL.
>>>
>>> With this fix, the callers don't need to care about the name
>>> freeing and call an extra kset_put() if kset_register() fails.
>> This is unclear because you're *missing* a verb:
>> "and call an extra kset_put()".
>> Please add the proper verb _between_ "and call", something like,
>>
>> "With this fix, the callers don't need to care about freeing
>> the name of the kset, and _can_ call kset_put() if kset_register() fails."
I was mean
the callers don't need to care about freeing the name of the kset and
the callers don't need to care about calling kset_put()
Thanks,
Yang
>>
>> Choose a proper verb here: can, should, cannot, should not, etc.
>>
>> We can do this because you set "kset.kobj.name to NULL, and this
>> is checked for in kobject_cleanup(). We just need to stipulate
>> whether they should/shouldn't have to call kset_put(), or can free the kset
>> and/or the embedding object themselves. This really depends
>> on how we want kset_register() to behave in the future, and on
>> user's own ktype.release implementation...
> Forgot "may", "may not".
>
> So, do we want to say "may call kset_put()", like:
>
> "With this fix, the callers need not care about freeing
> the name of the kset, and _may_ call kset_put() if kset_register() fails."
>
> Or do we want to say "should" or even "must"--it really depends on
> what else is (would be) going on in kobj registration.
>
> Although, the user may have additional work to be done in the ktype.release()
> callback for the embedding object. It would be good to give them the freedom,
> i.e. "may", to call kset_put(). If that's not the case, this must be explicitly
> stipulated with the proper verb.
>
> Regards,
> Luben
>
> .
______________________________________________________
Linux MTD discussion mailing list
http://lists.infradead.org/mailman/listinfo/linux-mtd/
next prev parent reply other threads:[~2022-10-25 2:18 UTC|newest]
Thread overview: 9+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-10-24 12:19 [PATCH v2] kset: fix memory leak when kset_register() returns error Yang Yingliang
2022-10-24 13:52 ` Greg KH
2022-10-24 14:39 ` Yang Yingliang
2022-10-24 14:53 ` Greg KH
2022-10-24 15:10 ` Yang Yingliang
2022-10-24 21:06 ` Luben Tuikov
2022-10-24 21:25 ` Luben Tuikov
2022-10-25 2:16 ` Yang Yingliang [this message]
2022-10-25 2:53 ` Luben Tuikov
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=26c8c125-453c-af32-a66c-2a37e964ce19@huawei.com \
--to=yangyingliang@huawei.com \
--cc=akpm@linux-foundation.org \
--cc=alexander.deucher@amd.com \
--cc=amd-gfx@lists.freedesktop.org \
--cc=chao@kernel.org \
--cc=gregkh@linuxfoundation.org \
--cc=hsiangkao@linux.alibaba.com \
--cc=huangjianan@oppo.com \
--cc=jaegeuk@kernel.org \
--cc=jlbec@evilplan.org \
--cc=joseph.qi@linux.alibaba.com \
--cc=linux-erofs@lists.ozlabs.org \
--cc=linux-f2fs-devel@lists.sourceforge.net \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-mtd@lists.infradead.org \
--cc=liushixin2@huawei.com \
--cc=luben.tuikov@amd.com \
--cc=mark@fasheh.com \
--cc=mst@redhat.com \
--cc=ocfs2-devel@oss.oracle.com \
--cc=qemu-devel@nongnu.org \
--cc=rafael@kernel.org \
--cc=richard@nod.at \
--cc=somlo@cmu.edu \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).