Re: [PATCH] interconnect: debugfs: fix devm_kstrdup and kfree mismatch

Next message: Christophe Leroy (CS GROUP): "[PATCH v2] powerpc: Simplify access_ok()"
Previous message: Wolfram Sang: "[PULL REQUEST] i2c-for-7.0-rc5"
In reply to: Kuan-Wei Chiu: "Re: [PATCH] interconnect: debugfs: fix devm_kstrdup and kfree mismatch"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

From: Markus Elfring

Date: Sun Mar 22 2026 - 05:34:36 EST

> debugfs_write_file_str() uses standard kfree() to release old strings.

Why would such information matter here?

> Initializing src_node and dst_node with devm_kstrdup() creates a memory
> management mismatch. If a user writes to these debugfs nodes, the
> devm-allocated memory is freed via kfree(), leaving a dangling pointer
> in the device resource list that can lead to a double free.

Would an other description approach be clearer for involved dependencies?

> Fix this by using standard kstrdup() instead.

Interesting …

https://elixir.bootlin.com/linux/v7.0-rc4/source/drivers/interconnect/debugfs-client.c#L139-L169

> Since the interconnect
> subsystem is strictly built-in and cannot be unloaded as a module, there
> is no exit path requiring manual cleanup of these strings.

Should string lifetimes be reconsidered for the mentioned function implementation?

> The error
> handling path is also simplified by taking advantage of the fact that
> kfree(NULL) is a safe no-op.

I tend to interpret source code simplifications in other directions.

See also once more:
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/tree/Documentation/process/stable-kernel-rules.rst?h=v7.0-rc4#n34

Regards,
Markus