Re: [PATCH v6 12/12] rpmsg: Fix kfree() of static memory on setting driver_override

From: Krzysztof Kozlowski
Date: Wed Apr 13 2022 - 04:41:16 EST

Next message: AngeloGioacchino Del Regno: "Re: [PATCH v14 6/6] soc: mediatek: mutex: add functions that operate registers by CMDQ"
Previous message: Borislav Petkov: "Re: [PATCH V5 3/7] x86/entry: Move PUSH_AND_CLEAR_REGS out of error_entry()"
In reply to: Biju Das: "RE: [PATCH v6 12/12] rpmsg: Fix kfree() of static memory on setting driver_override"
Next in thread: Biju Das: "RE: [PATCH v6 12/12] rpmsg: Fix kfree() of static memory on setting driver_override"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 12/04/2022 16:10, Biju Das wrote:
> Hi Krzysztof Kozlowski,
>
> Thanks for the patch.
>
>> Subject: [PATCH v6 12/12] rpmsg: Fix kfree() of static memory on setting
>> driver_override
>>
>> The driver_override field from platform driver should not be initialized
>> from static memory (string literal) because the core later kfree() it, for
>> example when driver_override is set via sysfs.
>>
>> Use dedicated helper to set driver_override properly.
>>
>> Fixes: 950a7388f02b ("rpmsg: Turn name service into a stand alone driver")
>> Fixes: c0cdc19f84a4 ("rpmsg: Driver for user space endpoint interface")
>> Signed-off-by: Krzysztof Kozlowski <krzysztof.kozlowski@xxxxxxxxxx>
>> Reviewed-by: Bjorn Andersson <bjorn.andersson@xxxxxxxxxx>
>> ---
>> drivers/rpmsg/rpmsg_internal.h | 13 +++++++++++--
>> drivers/rpmsg/rpmsg_ns.c | 14 ++++++++++++--
>> include/linux/rpmsg.h | 6 ++++--
>> 3 files changed, 27 insertions(+), 6 deletions(-)
>>
>> diff --git a/drivers/rpmsg/rpmsg_internal.h
>> b/drivers/rpmsg/rpmsg_internal.h index d4b23fd019a8..1a2fb8edf5d3 100644
>> --- a/drivers/rpmsg/rpmsg_internal.h
>> +++ b/drivers/rpmsg/rpmsg_internal.h
>> @@ -94,10 +94,19 @@ int rpmsg_release_channel(struct rpmsg_device *rpdev,
>> */
>> static inline int rpmsg_ctrldev_register_device(struct rpmsg_device
>> *rpdev) {
>> + int ret;
>> +
>> strcpy(rpdev->id.name, "rpmsg_ctrl");
>> - rpdev->driver_override = "rpmsg_ctrl";
>> + ret = driver_set_override(&rpdev->dev, &rpdev->driver_override,
>> + "rpmsg_ctrl", strlen("rpmsg_ctrl"));
>
> Is it not possible to use rpdev->id.name instead of "rpmsg_ctrl" ?
> rpdev->id.name has "rpmsg_ctrl" from strcpy(rpdev->id.name, "rpmsg_ctrl");
>
> Same for "rpmsg_ns" as well

It's possible. I kept the pattern of duplicating the string literal
because original code had it, but I don't mind to change it. In the
output assembler that might be additional instruction - need to
dereference the rpdev pointer - but that does not matter much.

Best regards,
Krzysztof

Next message: AngeloGioacchino Del Regno: "Re: [PATCH v14 6/6] soc: mediatek: mutex: add functions that operate registers by CMDQ"
Previous message: Borislav Petkov: "Re: [PATCH V5 3/7] x86/entry: Move PUSH_AND_CLEAR_REGS out of error_entry()"
In reply to: Biju Das: "RE: [PATCH v6 12/12] rpmsg: Fix kfree() of static memory on setting driver_override"
Next in thread: Biju Das: "RE: [PATCH v6 12/12] rpmsg: Fix kfree() of static memory on setting driver_override"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]