Re: [tpmdd-devel] [PATCH v4 2/8] tpm: replace dynamically allocated bios_dir with dentry array
On Wed, Sep 28, 2016 at 04:34:36AM -0400, Nayna Jain wrote: > bios_dir is defined as struct dentry **bios_dir, which results in > dynamic allocation and therefore possibly a memory leak. This patch > replaces it with struct dentry array(struct dentry *bios_dir[3]) > similar to what is done for sysfs groups. > > Suggested-by: Jason Gunthorpe> Signed-off-by: Nayna Jain > Reviewed-by: Jason Gunthorpe > --- > drivers/char/tpm/tpm-chip.c | 8 +++--- > drivers/char/tpm/tpm.h | 3 +- > drivers/char/tpm/tpm_eventlog.c | 63 > +++-- > drivers/char/tpm/tpm_eventlog.h | 10 +++ > 4 files changed, 40 insertions(+), 44 deletions(-) > > diff --git a/drivers/char/tpm/tpm-chip.c b/drivers/char/tpm/tpm-chip.c > index e595013..826609d 100644 > --- a/drivers/char/tpm/tpm-chip.c > +++ b/drivers/char/tpm/tpm-chip.c > @@ -278,14 +278,15 @@ static void tpm_del_char_device(struct tpm_chip *chip) > > static int tpm1_chip_register(struct tpm_chip *chip) > { > + int rc; > if (chip->flags & TPM_CHIP_FLAG_TPM2) > return 0; > > tpm_sysfs_add_device(chip); > > - chip->bios_dir = tpm_bios_log_setup(dev_name(>dev)); > + rc = tpm_bios_log_setup(chip); > > - return 0; > + return rc; > } > > static void tpm1_chip_unregister(struct tpm_chip *chip) > @@ -293,8 +294,7 @@ static void tpm1_chip_unregister(struct tpm_chip *chip) > if (chip->flags & TPM_CHIP_FLAG_TPM2) > return; > > - if (chip->bios_dir) > - tpm_bios_log_teardown(chip->bios_dir); > + tpm_bios_log_teardown(chip); > } > > static void tpm_del_legacy_sysfs(struct tpm_chip *chip) > diff --git a/drivers/char/tpm/tpm.h b/drivers/char/tpm/tpm.h > index 3e952fb..b5866bb 100644 > --- a/drivers/char/tpm/tpm.h > +++ b/drivers/char/tpm/tpm.h > @@ -171,7 +171,8 @@ struct tpm_chip { > unsigned long duration[3]; /* jiffies */ > bool duration_adjusted; > > - struct dentry **bios_dir; > + struct dentry *bios_dir[3]; > + unsigned int bios_dir_count; > > const struct attribute_group *groups[3]; > unsigned int groups_cnt; > diff --git a/drivers/char/tpm/tpm_eventlog.c b/drivers/char/tpm/tpm_eventlog.c > index 75e6644..f1df782 100644 > --- a/drivers/char/tpm/tpm_eventlog.c > +++ b/drivers/char/tpm/tpm_eventlog.c > @@ -332,7 +332,8 @@ static int tpm_bios_measurements_open(struct inode *inode, > if (!log) > return -ENOMEM; > > - if ((err = read_log(log))) > + err = read_log(log); > + if (err) > goto out_free; > > /* now register seq file */ > @@ -368,54 +369,48 @@ static int is_bad(void *p) > return 0; > } > > -struct dentry **tpm_bios_log_setup(const char *name) > +int tpm_bios_log_setup(struct tpm_chip *chip) > { > - struct dentry **ret = NULL, *tpm_dir, *bin_file, *ascii_file; > + const char *name = dev_name(>dev); > > - tpm_dir = securityfs_create_dir(name, NULL); > - if (is_bad(tpm_dir)) > - goto out; > + chip->bios_dir_count = 0; > + chip->bios_dir[chip->bios_dir_count] = > + securityfs_create_dir(name, NULL); > + if (is_bad(chip->bios_dir[chip->bios_dir_count])) > + goto err; > + chip->bios_dir_count++; > > - bin_file = > + chip->bios_dir[chip->bios_dir_count] = > securityfs_create_file("binary_bios_measurements", > -S_IRUSR | S_IRGRP, tpm_dir, > +S_IRUSR | S_IRGRP, chip->bios_dir[0], > (void *)_binary_b_measurments_seqops, > _bios_measurements_ops); > - if (is_bad(bin_file)) > - goto out_tpm; > + if (is_bad(chip->bios_dir[chip->bios_dir_count])) > + goto err; > + chip->bios_dir_count++; > > - ascii_file = > + chip->bios_dir[chip->bios_dir_count] = > securityfs_create_file("ascii_bios_measurements", > -S_IRUSR | S_IRGRP, tpm_dir, > +S_IRUSR | S_IRGRP, chip->bios_dir[0], > (void *)_ascii_b_measurments_seqops, > _bios_measurements_ops); The following securityfs_create_file calls overwrite the same field, which leaks memory, as you pass chip->biod_dir[0] to these calls. I guess securityfs_remove() returns with NULL input (haven't checked). /Jarkko -- Check out the vibrant tech community on one of the world's most engaging tech sites, SlashDot.org! http://sdm.link/slashdot ___ tpmdd-devel mailing list tpmdd-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/tpmdd-devel
Re: [tpmdd-devel] [PATCH v4 2/8] tpm: replace dynamically allocated bios_dir with dentry array
On Fri, Sep 30, 2016 at 02:31:47PM -0600, Jason Gunthorpe wrote: > On Fri, Sep 30, 2016 at 10:48:25PM +0300, Jarkko Sakkinen wrote: > > On Fri, Sep 30, 2016 at 12:30:26PM -0600, Jason Gunthorpe wrote: > > > On Fri, Sep 30, 2016 at 09:27:03PM +0300, Jarkko Sakkinen wrote: > > > > On Wed, Sep 28, 2016 at 04:34:36AM -0400, Nayna Jain wrote: > > > > > > > > - struct dentry **bios_dir; > > > > > + struct dentry *bios_dir[3]; > > > > > + unsigned int bios_dir_count; > > > > > > > > You should rather have a four entry array and use a NULL terminator. > > > > > > Why? Then everything has to compute the length before doing > > > anything. The basic ops are 'append to back' and 'pop off back' which > > > require length. > > > > One variable less to struct tpm_chip. The loop that removes the files > > simply can continue until NULL is encountered. > > We've been over this, the loop has to remove them in reverse over. > > Why are you so concerned about size of tpm_chip?? It's not the size. It's the added complexity. I'll look into revising this commit a bit in order in order to move things forward... /Jarkko -- Check out the vibrant tech community on one of the world's most engaging tech sites, SlashDot.org! http://sdm.link/slashdot ___ tpmdd-devel mailing list tpmdd-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/tpmdd-devel
Re: [tpmdd-devel] [PATCH v4 2/8] tpm: replace dynamically allocated bios_dir with dentry array
On Fri, Sep 30, 2016 at 10:48:25PM +0300, Jarkko Sakkinen wrote: > On Fri, Sep 30, 2016 at 12:30:26PM -0600, Jason Gunthorpe wrote: > > On Fri, Sep 30, 2016 at 09:27:03PM +0300, Jarkko Sakkinen wrote: > > > On Wed, Sep 28, 2016 at 04:34:36AM -0400, Nayna Jain wrote: > > > > > > - struct dentry **bios_dir; > > > > + struct dentry *bios_dir[3]; > > > > + unsigned int bios_dir_count; > > > > > > You should rather have a four entry array and use a NULL terminator. > > > > Why? Then everything has to compute the length before doing > > anything. The basic ops are 'append to back' and 'pop off back' which > > require length. > > One variable less to struct tpm_chip. The loop that removes the files > simply can continue until NULL is encountered. We've been over this, the loop has to remove them in reverse over. Why are you so concerned about size of tpm_chip?? > Where do you need the length? Every place that touches the array Jason -- Check out the vibrant tech community on one of the world's most engaging tech sites, SlashDot.org! http://sdm.link/slashdot ___ tpmdd-devel mailing list tpmdd-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/tpmdd-devel
Re: [tpmdd-devel] [PATCH v4 2/8] tpm: replace dynamically allocated bios_dir with dentry array
On Fri, Sep 30, 2016 at 12:30:26PM -0600, Jason Gunthorpe wrote: > On Fri, Sep 30, 2016 at 09:27:03PM +0300, Jarkko Sakkinen wrote: > > On Wed, Sep 28, 2016 at 04:34:36AM -0400, Nayna Jain wrote: > > > > - struct dentry **bios_dir; > > > + struct dentry *bios_dir[3]; > > > + unsigned int bios_dir_count; > > > > You should rather have a four entry array and use a NULL terminator. > > Why? Then everything has to compute the length before doing > anything. The basic ops are 'append to back' and 'pop off back' which > require length. One variable less to struct tpm_chip. The loop that removes the files simply can continue until NULL is encountered. Where do you need the length? > Jason /Jarkko -- Check out the vibrant tech community on one of the world's most engaging tech sites, SlashDot.org! http://sdm.link/slashdot ___ tpmdd-devel mailing list tpmdd-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/tpmdd-devel
Re: [tpmdd-devel] [PATCH v4 2/8] tpm: replace dynamically allocated bios_dir with dentry array
On Wed, Sep 28, 2016 at 04:34:36AM -0400, Nayna Jain wrote: > bios_dir is defined as struct dentry **bios_dir, which results in > dynamic allocation and therefore possibly a memory leak. This patch > replaces it with struct dentry array(struct dentry *bios_dir[3]) > similar to what is done for sysfs groups. > > Suggested-by: Jason Gunthorpe> Signed-off-by: Nayna Jain > Reviewed-by: Jason Gunthorpe > --- > drivers/char/tpm/tpm-chip.c | 8 +++--- > drivers/char/tpm/tpm.h | 3 +- > drivers/char/tpm/tpm_eventlog.c | 63 > +++-- > drivers/char/tpm/tpm_eventlog.h | 10 +++ > 4 files changed, 40 insertions(+), 44 deletions(-) > > diff --git a/drivers/char/tpm/tpm-chip.c b/drivers/char/tpm/tpm-chip.c > index e595013..826609d 100644 > --- a/drivers/char/tpm/tpm-chip.c > +++ b/drivers/char/tpm/tpm-chip.c > @@ -278,14 +278,15 @@ static void tpm_del_char_device(struct tpm_chip *chip) > > static int tpm1_chip_register(struct tpm_chip *chip) > { > + int rc; > if (chip->flags & TPM_CHIP_FLAG_TPM2) > return 0; > > tpm_sysfs_add_device(chip); > > - chip->bios_dir = tpm_bios_log_setup(dev_name(>dev)); > + rc = tpm_bios_log_setup(chip); > > - return 0; > + return rc; > } > > static void tpm1_chip_unregister(struct tpm_chip *chip) > @@ -293,8 +294,7 @@ static void tpm1_chip_unregister(struct tpm_chip *chip) > if (chip->flags & TPM_CHIP_FLAG_TPM2) > return; > > - if (chip->bios_dir) > - tpm_bios_log_teardown(chip->bios_dir); > + tpm_bios_log_teardown(chip); > } > > static void tpm_del_legacy_sysfs(struct tpm_chip *chip) > diff --git a/drivers/char/tpm/tpm.h b/drivers/char/tpm/tpm.h > index 3e952fb..b5866bb 100644 > --- a/drivers/char/tpm/tpm.h > +++ b/drivers/char/tpm/tpm.h > @@ -171,7 +171,8 @@ struct tpm_chip { > unsigned long duration[3]; /* jiffies */ > bool duration_adjusted; > > - struct dentry **bios_dir; > + struct dentry *bios_dir[3]; > + unsigned int bios_dir_count; You should rather have a four entry array and use a NULL terminator. > const struct attribute_group *groups[3]; > unsigned int groups_cnt; > diff --git a/drivers/char/tpm/tpm_eventlog.c b/drivers/char/tpm/tpm_eventlog.c > index 75e6644..f1df782 100644 > --- a/drivers/char/tpm/tpm_eventlog.c > +++ b/drivers/char/tpm/tpm_eventlog.c > @@ -332,7 +332,8 @@ static int tpm_bios_measurements_open(struct inode *inode, > if (!log) > return -ENOMEM; > > - if ((err = read_log(log))) > + err = read_log(log); > + if (err) > goto out_free; > > /* now register seq file */ > @@ -368,54 +369,48 @@ static int is_bad(void *p) > return 0; > } > > -struct dentry **tpm_bios_log_setup(const char *name) > +int tpm_bios_log_setup(struct tpm_chip *chip) > { > - struct dentry **ret = NULL, *tpm_dir, *bin_file, *ascii_file; > + const char *name = dev_name(>dev); > > - tpm_dir = securityfs_create_dir(name, NULL); > - if (is_bad(tpm_dir)) > - goto out; > + chip->bios_dir_count = 0; > + chip->bios_dir[chip->bios_dir_count] = > + securityfs_create_dir(name, NULL); > + if (is_bad(chip->bios_dir[chip->bios_dir_count])) > + goto err; > + chip->bios_dir_count++; > > - bin_file = > + chip->bios_dir[chip->bios_dir_count] = > securityfs_create_file("binary_bios_measurements", > -S_IRUSR | S_IRGRP, tpm_dir, > +S_IRUSR | S_IRGRP, chip->bios_dir[0], > (void *)_binary_b_measurments_seqops, > _bios_measurements_ops); > - if (is_bad(bin_file)) > - goto out_tpm; > + if (is_bad(chip->bios_dir[chip->bios_dir_count])) > + goto err; > + chip->bios_dir_count++; > > - ascii_file = > + chip->bios_dir[chip->bios_dir_count] = > securityfs_create_file("ascii_bios_measurements", > -S_IRUSR | S_IRGRP, tpm_dir, > +S_IRUSR | S_IRGRP, chip->bios_dir[0], > (void *)_ascii_b_measurments_seqops, > _bios_measurements_ops); > - if (is_bad(ascii_file)) > - goto out_bin; > + if (is_bad(chip->bios_dir[chip->bios_dir_count])) > + goto err; > + chip->bios_dir_count++; > > - ret = kmalloc(3 * sizeof(struct dentry *), GFP_KERNEL); > - if (!ret) > - goto out_ascii; > - > - ret[0] = ascii_file; > - ret[1] = bin_file; > - ret[2] = tpm_dir; > - > - return ret; > + return 0; > > -out_ascii: > - securityfs_remove(ascii_file); > -out_bin: > - securityfs_remove(bin_file); > -out_tpm: > -