Re: [PATCH v3 06/15] arm64: dts: qcom: sc8280xp: Fix the base addresses of LLCC banks

From: Borislav Petkov
Date: Tue Dec 20 2022 - 18:55:15 EST


On Tue, Dec 20, 2022 at 03:22:07PM +0530, Manivannan Sadhasivam wrote:
> This is a genuine use-after-free bug that happens because the edac core frees
> the memory assigned to "llcc_driv_data" pointer that gets passed as "pvt_info".
>
> Here, the LLCC driver is the one creating the "qcom_llcc_edac" platform device and
> also allocating memory for "llcc_driv_data". But since during qcom_edac driver
> removal, we are just unregistering the driver and the platform device still
> stays around, the edac driver is not supposed to free any memory associated
> with the platform device.

If you mean

__edac_device_free_ctl_info()

it is very well supposed to free it as it allocates it in
edac_device_alloc_ctl_info().

If qcom_llcc_edac_probe() simply goes and assigns something of its own
to edev_ctl->pvt_info, then that driver gets to keep the pieces ofc.

--
Regards/Gruss,
Boris.

https://people.kernel.org/tglx/notes-about-netiquette
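
The ownership rule argued over in this message, as an added userspace model (not code from the thread, the kernel, or either author): the core's teardown releases whatever pvt_info points at, so a driver that stores parent-owned data there loses it on removal. All names (pool_alloc, core_alloc, core_free, parent_data_survives_removal) and the slot allocator are hypothetical stand-ins, and the teardown behaviour is the assumption stated in the message.

```c
#include <stdbool.h>
#include <stddef.h>
/* Userspace model; every name here is a hypothetical stand-in, not kernel code. */
#define NSLOTS 4
static struct { bool live; void *mem[4]; } pool[NSLOTS];  /* tracked allocator */

static void *pool_alloc(void)
{
    for (int i = 0; i < NSLOTS; i++)
        if (!pool[i].live) { pool[i].live = true; return pool[i].mem; }
    return NULL;
}

static int slot_of(const void *p)
{
    for (int i = 0; i < NSLOTS; i++)
        if ((const void *)pool[i].mem == p) return i;
    return -1;
}

static bool pool_is_live(const void *p) { int i = slot_of(p); return i >= 0 && pool[i].live; }
static void pool_free(void *p) { int i = slot_of(p); if (i >= 0) pool[i].live = false; }

struct ctl_info { void *pvt_info; };  /* pvt_info is released by the core on teardown */

static struct ctl_info *core_alloc(bool want_pvt)
{
    struct ctl_info *c = pool_alloc();
    c->pvt_info = want_pvt ? pool_alloc() : NULL;  /* core-owned private area */
    return c;
}

/* Assumed core behaviour: teardown frees whatever pvt_info points at now. */
static void core_free(struct ctl_info *c)
{
    pool_free(c->pvt_info);
    pool_free(c);
}

/* True if the parent driver's data is still allocated after the child
 * driver has been removed. */
static bool parent_data_survives_removal(bool store_in_pvt_info)
{
    void *parent_data = pool_alloc();            /* owned by the parent driver */
    struct ctl_info *c = core_alloc(!store_in_pvt_info);
    if (store_in_pvt_info)
        c->pvt_info = parent_data;               /* core will now free it too */
    core_free(c);                                /* child driver removal path */
    bool alive = pool_is_live(parent_data);      /* parent still expects it */
    pool_free(parent_data);                      /* reset the model's pool */
    return alive;
}
```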