[PATCH] regulator: of: Add of_node_put() before return in function

[PATCH] regulator: of: Add of_node_put() before return in function

[Nishka Dasgupta]

The local variable search in regulator_of_get_init_node takes the value
returned by either of_get_child_by_name or of_node_get, both of which
get a node. If this node is not put before returning, it could cause a
memory leak. Hence put search before a mid-loop return statement.
Issue found with Coccinelle.

Signed-off-by: Nishka Dasgupta <nishkadg.linux@gmail.com>
---
 drivers/regulator/of_regulator.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/drivers/regulator/of_regulator.c b/drivers/regulator/of_regulator.c
index 397918ebba55..9112faa6a9a0 100644
--- a/drivers/regulator/of_regulator.c
+++ b/drivers/regulator/of_regulator.c
@@ -416,8 +416,10 @@ device_node *regulator_of_get_init_node(struct device *dev,
 		if (!name)
 			name = child->name;
 
-		if (!strcmp(desc->of_match, name))
+		if (!strcmp(desc->of_match, name)) {
+			of_node_put(search);
 			return of_node_get(child);
+		}
 	}
 
 	of_node_put(search);
-- 
2.19.1

Re: [PATCH] regulator: of: Add of_node_put() before return in function

[Mark Brown]

[-- Attachment #1: Type: text/plain, Size: 624 bytes --]

On Wed, Jul 24, 2019 at 02:02:31PM +0530, Nishka Dasgupta wrote:
> The local variable search in regulator_of_get_init_node takes the value
> returned by either of_get_child_by_name or of_node_get, both of which
> get a node. If this node is not put before returning, it could cause a
> memory leak. Hence put search before a mid-loop return statement.
> Issue found with Coccinelle.

> -		if (!strcmp(desc->of_match, name))
> +		if (!strcmp(desc->of_match, name)) {
> +			of_node_put(search);
>  			return of_node_get(child);
> +		}

Why not just remove the extra of_node_get() and a comment explaining why
it's not needed?

[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 488 bytes --]

Re: [PATCH] regulator: of: Add of_node_put() before return in function

[Nishka Dasgupta]

On 24/07/19 9:17 PM, Mark Brown wrote:
> On Wed, Jul 24, 2019 at 02:02:31PM +0530, Nishka Dasgupta wrote:
>> The local variable search in regulator_of_get_init_node takes the value
>> returned by either of_get_child_by_name or of_node_get, both of which
>> get a node. If this node is not put before returning, it could cause a
>> memory leak. Hence put search before a mid-loop return statement.
>> Issue found with Coccinelle.
> 
>> -		if (!strcmp(desc->of_match, name))
>> +		if (!strcmp(desc->of_match, name)) {
>> +			of_node_put(search);
>>   			return of_node_get(child);
>> +		}
> 
> Why not just remove the extra of_node_get() and a comment explaining why
> it's not needed?
> 
I'm sorry, I don't think I understand. I'm putting search in this patch; 
the program was already getting child. Should I also return child 
directly instead of getting it again, and continue to put search?

Thanking you,
Nishka

Re: [PATCH] regulator: of: Add of_node_put() before return in function

[Mark Brown]

[-- Attachment #1: Type: text/plain, Size: 1210 bytes --]

On Fri, Jul 26, 2019 at 01:02:52PM +0530, Nishka Dasgupta wrote:
> On 24/07/19 9:17 PM, Mark Brown wrote:
> > On Wed, Jul 24, 2019 at 02:02:31PM +0530, Nishka Dasgupta wrote:

> > > The local variable search in regulator_of_get_init_node takes the value
> > > returned by either of_get_child_by_name or of_node_get, both of which
> > > get a node. If this node is not put before returning, it could cause a
> > > memory leak. Hence put search before a mid-loop return statement.
> > > Issue found with Coccinelle.

> > > -		if (!strcmp(desc->of_match, name))
> > > +		if (!strcmp(desc->of_match, name)) {
> > > +			of_node_put(search);
> > >   			return of_node_get(child);
> > > +		}

> > Why not just remove the extra of_node_get() and a comment explaining why
> > it's not needed?

> I'm sorry, I don't think I understand. I'm putting search in this patch; the
> program was already getting child. Should I also return child directly
> instead of getting it again, and continue to put search?

Your new code is dropping a reference then immediately reacquiring one
to return it (introducing a race condition along the way).  Why not just
return the already held reference and not call any functions at all?

[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 488 bytes --]

Re: [PATCH] regulator: of: Add of_node_put() before return in function

[Nishka Dasgupta]

On 26/07/19 4:15 PM, Mark Brown wrote:
> On Fri, Jul 26, 2019 at 01:02:52PM +0530, Nishka Dasgupta wrote:
>> On 24/07/19 9:17 PM, Mark Brown wrote:
>>> On Wed, Jul 24, 2019 at 02:02:31PM +0530, Nishka Dasgupta wrote:
> 
>>>> The local variable search in regulator_of_get_init_node takes the value
>>>> returned by either of_get_child_by_name or of_node_get, both of which
>>>> get a node. If this node is not put before returning, it could cause a
>>>> memory leak. Hence put search before a mid-loop return statement.
>>>> Issue found with Coccinelle.
> 
>>>> -		if (!strcmp(desc->of_match, name))
>>>> +		if (!strcmp(desc->of_match, name)) {
>>>> +			of_node_put(search);
>>>>    			return of_node_get(child);
>>>> +		}
> 
>>> Why not just remove the extra of_node_get() and a comment explaining why
>>> it's not needed?
> 
>> I'm sorry, I don't think I understand. I'm putting search in this patch; the
>> program was already getting child. Should I also return child directly
>> instead of getting it again, and continue to put search?
> 
> Your new code is dropping a reference then immediately reacquiring one
> to return it (introducing a race condition along the way).  Why not just
> return the already held reference and not call any functions at all?
> 
I still don't understand.
Previously the function was acquiring a reference to child with 
of_node_get().
My added code is dropping a reference to search, using of_node_put().
I'm probably misunderstanding this at some point, but I thought search 
and child are two different nodes? Or am I completely misunderstanding 
what you're explaining?
Apologies for the confusion.

Thanking you,
Nishka

Re: [PATCH] regulator: of: Add of_node_put() before return in function

[Mark Brown]

[-- Attachment #1: Type: text/plain, Size: 406 bytes --]

On Wed, Jul 31, 2019 at 06:41:03PM +0530, Nishka Dasgupta wrote:

> My added code is dropping a reference to search, using of_node_put().
> I'm probably misunderstanding this at some point, but I thought search and
> child are two different nodes? Or am I completely misunderstanding what
> you're explaining?

Doh, sorry - missed that it's a different node (there's a lot of these
get mechanically sent).

[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 488 bytes --]

Applied "regulator: of: Add of_node_put() before return in function" to the regulator tree

[Mark Brown]

The patch

   regulator: of: Add of_node_put() before return in function

has been applied to the regulator tree at

   https://git.kernel.org/pub/scm/linux/kernel/git/broonie/regulator.git for-5.3

All being well this means that it will be integrated into the linux-next
tree (usually sometime in the next 24 hours) and sent to Linus during
the next merge window (or sooner if it is a bug fix), however if
problems are discovered then the patch may be dropped or reverted.  

You may get further e-mails resulting from automated or manual testing
and review of the tree, please engage with people reporting problems and
send followup patches addressing any issues that are reported if needed.

If any updates are required or you are submitting further changes they
should be sent as incremental updates against current git, existing
patches will not be replaced.

Please add any relevant lists and maintainers to the CCs when replying
to this mail.

Thanks,
Mark

From 811ba489fa524ec634933cdf83aaf6c007a4c004 Mon Sep 17 00:00:00 2001
From: Nishka Dasgupta <nishkadg.linux@gmail.com>
Date: Wed, 24 Jul 2019 14:02:31 +0530
Subject: [PATCH] regulator: of: Add of_node_put() before return in function

The local variable search in regulator_of_get_init_node takes the value
returned by either of_get_child_by_name or of_node_get, both of which
get a node. If this node is not put before returning, it could cause a
memory leak. Hence put search before a mid-loop return statement.
Issue found with Coccinelle.

Signed-off-by: Nishka Dasgupta <nishkadg.linux@gmail.com>
Link: https://lore.kernel.org/r/20190724083231.10276-1-nishkadg.linux@gmail.com
Signed-off-by: Mark Brown <broonie@kernel.org>
---
 drivers/regulator/of_regulator.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/drivers/regulator/of_regulator.c b/drivers/regulator/of_regulator.c
index 397918ebba55..9112faa6a9a0 100644
--- a/drivers/regulator/of_regulator.c
+++ b/drivers/regulator/of_regulator.c
@@ -416,8 +416,10 @@ device_node *regulator_of_get_init_node(struct device *dev,
 		if (!name)
 			name = child->name;
 
-		if (!strcmp(desc->of_match, name))
+		if (!strcmp(desc->of_match, name)) {
+			of_node_put(search);
 			return of_node_get(child);
+		}
 	}
 
 	of_node_put(search);
-- 
2.20.1