Re: [PATCH] clk: starfive: Avoid casting iomem pointers
From: Stephen Boyd
Date: Thu Apr 13 2023 - 18:01:11 EST
Quoting Conor Dooley (2023-04-13 14:26:56)
> > @@ -335,26 +338,32 @@ static void jh7110_reset_unregister_adev(void *_adev)
> > struct auxiliary_device *adev = _adev;
> >
> > auxiliary_device_delete(adev);
> > + auxiliary_device_uninit(adev);
>
> Huh, I think you didn't explicitly mention this one, but it's actually
> part of the UAF fix AFAICT?
>
> When I did the aux device stuff for the clk-mpfs driver, I copied from
> peci as there were almost no examples of aux dev stuff in-tree.
> It looks like subsequently to me starting development, this fix landed:
> 1c11289b34ab ("peci: cpu: Fix use-after-free in adev_release()")
>
> It similarly moves the uninit() to the release callback...
>
> I think I need the below (whitespace damaged):
Yeah that looks better. Care to send a proper patch for it?
> diff --git a/drivers/clk/microchip/clk-mpfs.c b/drivers/clk/microchip/clk-mpfs.c
> index 4f0a19db7ed7..cc5d7dee59f0 100644
> --- a/drivers/clk/microchip/clk-mpfs.c
> +++ b/drivers/clk/microchip/clk-mpfs.c
> @@ -374,14 +374,13 @@ static void mpfs_reset_unregister_adev(void *_adev)
> struct auxiliary_device *adev = _adev;
>
> auxiliary_device_delete(adev);
> + auxiliary_device_uninit(adev);
> }
>
> static void mpfs_reset_adev_release(struct device *dev)
> {
> struct auxiliary_device *adev = to_auxiliary_dev(dev);
>
> - auxiliary_device_uninit(adev);
> -
> kfree(adev);
> }
>
> Anyways, for this patch:
> Reviewed-by: Conor Dooley <conor.dooley@xxxxxxxxxxxxx>
>
Thanks.