[PATCH] pmdomain: core: Reset genpd->states to avoid freeing invalid data
Dhruva Gole
d-gole at ti.com
Thu Apr 3 01:08:15 PDT 2025
On Apr 02, 2025 at 14:06:13 +0200, Ulf Hansson wrote:
> If genpd_alloc_data() allocates data for the default power-states for the
> genpd, let's make sure to also reset the pointer in the error path. This
> makes sure a genpd provider driver doesn't end up trying to free the data
> again, but using an invalid pointer.
I maybe missing something but if kfree works similar to [1]GNU free() won't
it make the genpd->states NULL anyway? Have you actually seen scenarios
where the genpd->states is remaining non-NULL even after kfree?
[1]
https://www.gnu.org/software/libc/manual/html_node/Freeing-after-Malloc.html#:~:text=The%20free%20function%20deallocates%20the%20block%20of%20memory%20pointed%20at%20by%20ptr%20.&text=Occasionally%2C%20free%20can%20actually%20return,malloc%20to%20reuse%20the%20space.
>
> Signed-off-by: Ulf Hansson <ulf.hansson at linaro.org>
> ---
> drivers/pmdomain/core.c | 4 +++-
> 1 file changed, 3 insertions(+), 1 deletion(-)
>
> diff --git a/drivers/pmdomain/core.c b/drivers/pmdomain/core.c
> index 9b2f28b34bb5..c179464047fe 100644
> --- a/drivers/pmdomain/core.c
> +++ b/drivers/pmdomain/core.c
> @@ -2229,8 +2229,10 @@ static int genpd_alloc_data(struct generic_pm_domain *genpd)
> return 0;
> put:
> put_device(&genpd->dev);
> - if (genpd->free_states == genpd_free_default_power_state)
> + if (genpd->free_states == genpd_free_default_power_state) {
> kfree(genpd->states);
> + genpd->states = NULL;
Also the coding convention for kfree in other places in pmdomains
doesn't seem to follow this practise either...
$> rg -A1 kfree drivers/pmdomain
Is this something we're planning to start following in pmdomains from
now on?
> + }
> free:
> if (genpd_is_cpu_domain(genpd))
> free_cpumask_var(genpd->cpus);
> --
> 2.43.0
>
>
--
Best regards,
Dhruva Gole
Texas Instruments Incorporated
More information about the linux-arm-kernel
mailing list