The fwnode_for_each_child_node() loop requires manual intervention to decrement the child refcount in case of an early return.
Add the missing calls to fwnode_handle_put(child) to avoid memory leaks in the error paths.
Cc: stable@vger.kernel.org Fixes: 679f8652064b ("leds: Add mt6360 driver") Signed-off-by: Javier Carrasco javier.carrasco.cruz@gmail.com --- This bug was found while analyzing the code and I have no real hardware to validate the fix beyond compilation and static analysis. But given that the child node is only used to retrieve some properties within the fwnode_for_each_child_node(), and it is not used outside the loop, the fix is straightforward.
Nevertheless, any tests to catch regressions with real hardware are always welcome.
The bug has been around since the driver was added. --- drivers/leds/flash/leds-mt6360.c | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/drivers/leds/flash/leds-mt6360.c b/drivers/leds/flash/leds-mt6360.c index 1b75b4d36834..4c74f1cf01f0 100644 --- a/drivers/leds/flash/leds-mt6360.c +++ b/drivers/leds/flash/leds-mt6360.c @@ -643,14 +643,17 @@ static int mt6360_init_isnk_properties(struct mt6360_led *led,
ret = fwnode_property_read_u32(child, "reg", ®); if (ret || reg > MT6360_LED_ISNK3 || - priv->leds_active & BIT(reg)) + priv->leds_active & BIT(reg)) { + fwnode_handle_put(child); return -EINVAL; + }
ret = fwnode_property_read_u32(child, "color", &color); if (ret) { dev_err(priv->dev, "led %d, no color specified\n", led->led_no); + fwnode_handle_put(child); return ret; }
--- base-commit: d35b2284e966c0bef3e2182a5c5ea02177dd32e4 change-id: 20240610-leds-mt6360-memleak-78faf3e435b0
Best regards,
…
Add the missing calls to fwnode_handle_put(child) to avoid memory leaks in the error paths.
I suggest to apply a goto chain for a while. https://wiki.sei.cmu.edu/confluence/display/c/MEM12-C.+Consider+using+a+goto...
Will the application of scope-based resource management become feasible with another delay? https://elixir.bootlin.com/linux/v6.10-rc3/source/include/linux/cleanup.h#L8
Regards, Markus
On 11/06/2024 16:01, Markus Elfring wrote:
…
Add the missing calls to fwnode_handle_put(child) to avoid memory leaks in the error paths.
I suggest to apply a goto chain for a while. https://wiki.sei.cmu.edu/confluence/display/c/MEM12-C.+Consider+using+a+goto...
Will the application of scope-based resource management become feasible with another delay? https://elixir.bootlin.com/linux/v6.10-rc3/source/include/linux/cleanup.h#L8
Regards, Markus
I considered that option too, but there is still no _scoped() variant of the loop. The scoped version of the _available_ variant is being discussed, though. Maybe that one could be used here if there is no need to iterate over unavailable nodes.
We could not back port that solution anyway, so I would suggest this solution (or the one with a goto), and then a separate patch to used a scoped macro if preferred.
Best regards, Javier Carrasco
On Tue, Jun 11, 2024 at 04:01:49PM +0200, Markus Elfring wrote:
…
Add the missing calls to fwnode_handle_put(child) to avoid memory leaks in the error paths.
I suggest to apply a goto chain for a while. https://wiki.sei.cmu.edu/confluence/display/c/MEM12-C.+Consider+using+a+goto...
Will the application of scope-based resource management become feasible with another delay? https://elixir.bootlin.com/linux/v6.10-rc3/source/include/linux/cleanup.h#L8
Regards, Markus
Hi,
This is the semi-friendly patch-bot of Greg Kroah-Hartman.
Markus, you seem to have sent a nonsensical or otherwise pointless review comment to a patch submission on a Linux kernel developer mailing list. I strongly suggest that you not do this anymore. Please do not bother developers who are actively working to produce patches and features with comments that, in the end, are a waste of time.
Patch submitter, please ignore Markus's suggestion; you do not need to follow it at all. The person/bot/AI that sent it is being ignored by almost all Linux kernel maintainers for having a persistent pattern of behavior of producing distracting and pointless commentary, and inability to adapt to feedback. Please feel free to also ignore emails from them.
thanks,
greg k-h's patch email bot
On Tue, 11 Jun 2024 00:40:26 +0200, Javier Carrasco wrote:
The fwnode_for_each_child_node() loop requires manual intervention to decrement the child refcount in case of an early return.
Add the missing calls to fwnode_handle_put(child) to avoid memory leaks in the error paths.
[...]
Applied, thanks!
[1/1] leds: mt6360: fix memory leak in mt6360_init_isnk_properties() commit: 6e0b2281085191fbf34fb24ef272cb44a82de4f0
-- Lee Jones [李琼斯]
linux-stable-mirror@lists.linaro.org