Re: [PATCH 1/2] of: of_node_get()/of_node_put() nodes held in phandle cache

From: Rob Herring
Date: Fri Dec 14 2018 - 12:15:53 EST

Next message: Stephen Boyd: "Re: [PATCH 1/3] arm64: Remove CONFIG_SOC_IMX8MQ and use ARCH_MXC instead"
Previous message: kbuild test robot: "Re: [PATCH] mm, memcg: fix reclaim deadlock with writeback"
In reply to: frowand . list: "[PATCH 1/2] of: of_node_get()/of_node_put() nodes held in phandle cache"
Next in thread: Frank Rowand: "Re: [PATCH 1/2] of: of_node_get()/of_node_put() nodes held in phandle cache"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Fri, Dec 14, 2018 at 12:43 AM <frowand.list@xxxxxxxxx> wrote:
>
> From: Frank Rowand <frank.rowand@xxxxxxxx>
>
> The phandle cache contains struct device_node pointers. The refcount
> of the pointers was not incremented while in the cache, allowing use
> after free error after kfree() of the node. Add the proper increment
> and decrement of the use count.

Since we pre-populate the cache at boot, all the nodes will have a ref
count and will never be freed unless we happen to repopulate the whole
cache. That doesn't seem ideal. The node pointer is not "in use" just
because it is in the cache.

Rob

Next message: Stephen Boyd: "Re: [PATCH 1/3] arm64: Remove CONFIG_SOC_IMX8MQ and use ARCH_MXC instead"
Previous message: kbuild test robot: "Re: [PATCH] mm, memcg: fix reclaim deadlock with writeback"
In reply to: frowand . list: "[PATCH 1/2] of: of_node_get()/of_node_put() nodes held in phandle cache"
Next in thread: Frank Rowand: "Re: [PATCH 1/2] of: of_node_get()/of_node_put() nodes held in phandle cache"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]