| Message ID | 20220110073100.15497-1-linmq006@gmail.com (mailing list archive) |
|---|---|
| State | New, archived |
| Headers | show |
| Series | coresight: syscfg: Fix memleak on registration failure in cscfg_create_device | expand |
Good morning, On Mon, Jan 10, 2022 at 07:31:00AM +0000, Miaoqian Lin wrote: > device_register() calls device_initialize(), > according to doc of device_initialize: > > Use put_device() to give up your reference instead of freeing > * @dev directly once you have called this function. That is _if_ device_initialize() is called manually. In this instance @dev is registered with device_register() and unregistered with device_unregister(). The latter conforms to the comment you pointed out and calls put_device() as expected. Thanks, Mathieu > > To prevent potential memleak, use put_device() instead call kfree > directly. > > Signed-off-by: Miaoqian Lin <linmq006@gmail.com> > --- > drivers/hwtracing/coresight/coresight-syscfg.c | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > diff --git a/drivers/hwtracing/coresight/coresight-syscfg.c b/drivers/hwtracing/coresight/coresight-syscfg.c > index 43054568430f..007fa1c761a7 100644 > --- a/drivers/hwtracing/coresight/coresight-syscfg.c > +++ b/drivers/hwtracing/coresight/coresight-syscfg.c > @@ -764,7 +764,7 @@ struct device *cscfg_device(void) > /* Must have a release function or the kernel will complain on module unload */ > static void cscfg_dev_release(struct device *dev) > { > - kfree(cscfg_mgr); > + put_device(dev); > cscfg_mgr = NULL; > } > > -- > 2.17.1 >
On Thu, Jan 20, 2022 at 10:56:42AM -0700, Mathieu Poirier wrote: > Good morning, > > On Mon, Jan 10, 2022 at 07:31:00AM +0000, Miaoqian Lin wrote: > > device_register() calls device_initialize(), > > according to doc of device_initialize: > > > > Use put_device() to give up your reference instead of freeing > > * @dev directly once you have called this function. > > That is _if_ device_initialize() is called manually. In this instance > @dev is registered with device_register() and unregistered with > device_unregister(). The latter conforms to the comment you pointed out and > calls put_device() as expected. I originally misunderstood the context - you are referring to the failure path in cscfg_create_device(). You are correct about needing to call put_device() but your solution will not work when the module is unloaded properly and device_unregister() is called by way of cscfg_clear_device(). In that case device_unregister() is already calling put_device(). Here simply calling put_device() instead of cscfg_dev_release() in the error path should do just fine. That will call cscfg_dev_release() and the memory allocated for cscfg_mgr will be release. > > Thanks, > Mathieu > > > > > To prevent potential memleak, use put_device() instead call kfree > > directly. > > > > Signed-off-by: Miaoqian Lin <linmq006@gmail.com> > > --- > > drivers/hwtracing/coresight/coresight-syscfg.c | 2 +- > > 1 file changed, 1 insertion(+), 1 deletion(-) > > > > diff --git a/drivers/hwtracing/coresight/coresight-syscfg.c b/drivers/hwtracing/coresight/coresight-syscfg.c > > index 43054568430f..007fa1c761a7 100644 > > --- a/drivers/hwtracing/coresight/coresight-syscfg.c > > +++ b/drivers/hwtracing/coresight/coresight-syscfg.c > > @@ -764,7 +764,7 @@ struct device *cscfg_device(void) > > /* Must have a release function or the kernel will complain on module unload */ > > static void cscfg_dev_release(struct device *dev) > > { > > - kfree(cscfg_mgr); > > + put_device(dev); > > cscfg_mgr = NULL; > > } > > > > -- > > 2.17.1 > >
diff --git a/drivers/hwtracing/coresight/coresight-syscfg.c b/drivers/hwtracing/coresight/coresight-syscfg.c index 43054568430f..007fa1c761a7 100644 --- a/drivers/hwtracing/coresight/coresight-syscfg.c +++ b/drivers/hwtracing/coresight/coresight-syscfg.c @@ -764,7 +764,7 @@ struct device *cscfg_device(void) /* Must have a release function or the kernel will complain on module unload */ static void cscfg_dev_release(struct device *dev) { - kfree(cscfg_mgr); + put_device(dev); cscfg_mgr = NULL; }
device_register() calls device_initialize(), according to doc of device_initialize: Use put_device() to give up your reference instead of freeing * @dev directly once you have called this function. To prevent potential memleak, use put_device() instead call kfree directly. Signed-off-by: Miaoqian Lin <linmq006@gmail.com> --- drivers/hwtracing/coresight/coresight-syscfg.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)