diff mbox series

[v2,2/4] ubi: ubi_init: Fix missed ubiblock cleanup in error handling path

Message ID 20240411031903.3050278-3-chengzhihao1@huawei.com
State New
Delegated to: Richard Weinberger
Headers show
Series ubi: Fix serious of resource leaking problems | expand

Commit Message

Zhihao Cheng April 11, 2024, 3:19 a.m. UTC 
The ubiblock_init called by ubi_init will register device number, but
device number is not released in error handling path of ubi_init when
ubi is loaded by inserting module (eg. attaching failure), which leads
to subsequent ubi_init calls failed by running out of device number
(dmesg shows that "__register_blkdev: failed to get major for ubiblock").
Since ubiblock_init() registers notifier and invokes notification
functions, so we can move it after ubi_init_attach() to fix the problem.

Fixes: 927c145208b0 ("mtd: ubi: attach from device tree")
Signed-off-by: Zhihao Cheng <chengzhihao1@huawei.com>
---
 drivers/mtd/ubi/build.c | 51 +++++++++++++++++++++--------------------
 1 file changed, 26 insertions(+), 25 deletions(-)

Comments

Daniel Golle April 11, 2024, 3:48 p.m. UTC | #1 
On Thu, Apr 11, 2024 at 11:19:01AM +0800, Zhihao Cheng wrote:
> The ubiblock_init called by ubi_init will register device number, but
> device number is not released in error handling path of ubi_init when
> ubi is loaded by inserting module (eg. attaching failure), which leads
> to subsequent ubi_init calls failed by running out of device number
> (dmesg shows that "__register_blkdev: failed to get major for ubiblock").
> Since ubiblock_init() registers notifier and invokes notification
> functions, so we can move it after ubi_init_attach() to fix the problem.
> 
> Fixes: 927c145208b0 ("mtd: ubi: attach from device tree")
> Signed-off-by: Zhihao Cheng <chengzhihao1@huawei.com>
> ---
>  drivers/mtd/ubi/build.c | 51 +++++++++++++++++++++--------------------
>  1 file changed, 26 insertions(+), 25 deletions(-)
> 
> diff --git a/drivers/mtd/ubi/build.c b/drivers/mtd/ubi/build.c
> index 7f95fd7968a8..bc63fbf5e947 100644
> --- a/drivers/mtd/ubi/build.c
> +++ b/drivers/mtd/ubi/build.c
> @@ -1263,9 +1263,21 @@ static struct mtd_notifier ubi_mtd_notifier = {
>  	.remove = ubi_notify_remove,
>  };
>  
> +static void detach_mtd_devs(int count)

Missing __init to avoid section missmatch.

See also: https://lore.kernel.org/oe-kbuild-all/202404112327.158HJfAw-lkp@intel.com/

> +{
> +	int i;
> +
> +	for (i = 0; i < count; i++)
> +		if (ubi_devices[i]) {
> +			mutex_lock(&ubi_devices_mutex);
> +			ubi_detach_mtd_dev(ubi_devices[i]->ubi_num, 1);
> +			mutex_unlock(&ubi_devices_mutex);
> +		}
> +}
> +
>  static int __init ubi_init_attach(void)
>  {
> -	int err, i, k;
> +	int err, i;
>  
>  	/* Attach MTD devices */
>  	for (i = 0; i < mtd_devs; i++) {
> @@ -1317,12 +1329,7 @@ static int __init ubi_init_attach(void)
>  	return 0;
>  
>  out_detach:
> -	for (k = 0; k < i; k++)
> -		if (ubi_devices[k]) {
> -			mutex_lock(&ubi_devices_mutex);
> -			ubi_detach_mtd_dev(ubi_devices[k]->ubi_num, 1);
> -			mutex_unlock(&ubi_devices_mutex);
> -		}
> +	detach_mtd_devs(i);
>  	return err;
>  }
>  #ifndef CONFIG_MTD_UBI_MODULE
> @@ -1366,15 +1373,6 @@ static int __init ubi_init(void)
>  	if (err)
>  		goto out_slab;
>  
> -	err = ubiblock_init();
> -	if (err) {
> -		pr_err("UBI error: block: cannot initialize, error %d\n", err);
> -
> -		/* See comment above re-ubi_is_module(). */
> -		if (ubi_is_module())
> -			goto out_debugfs;
> -	}
> -
>  	register_mtd_user(&ubi_mtd_notifier);
>  
>  	if (ubi_is_module()) {
> @@ -1383,11 +1381,21 @@ static int __init ubi_init(void)
>  			goto out_mtd_notifier;
>  	}
>  
> +	err = ubiblock_init();
> +	if (err) {
> +		pr_err("UBI error: block: cannot initialize, error %d\n", err);
> +
> +		/* See comment above re-ubi_is_module(). */
> +		if (ubi_is_module())
> +			goto out_detach;
> +	}
> +
>  	return 0;
>  
> +out_detach:
> +	detach_mtd_devs(mtd_devs);
>  out_mtd_notifier:
>  	unregister_mtd_user(&ubi_mtd_notifier);
> -out_debugfs:
>  	ubi_debugfs_exit();
>  out_slab:
>  	kmem_cache_destroy(ubi_wl_entry_slab);
> @@ -1403,17 +1411,10 @@ device_initcall(ubi_init);
>  
>  static void __exit ubi_exit(void)
>  {
> -	int i;
> -
>  	ubiblock_exit();
>  	unregister_mtd_user(&ubi_mtd_notifier);
>  
> -	for (i = 0; i < UBI_MAX_DEVICES; i++)
> -		if (ubi_devices[i]) {
> -			mutex_lock(&ubi_devices_mutex);
> -			ubi_detach_mtd_dev(ubi_devices[i]->ubi_num, 1);
> -			mutex_unlock(&ubi_devices_mutex);
> -		}
> +	detach_mtd_devs(UBI_MAX_DEVICES);
>  	ubi_debugfs_exit();
>  	kmem_cache_destroy(ubi_wl_entry_slab);
>  	misc_deregister(&ubi_ctrl_cdev);
> -- 
> 2.39.2
>
Markus Elfring April 11, 2024, 4:43 p.m. UTC | #2 
> Since ubiblock_init() registers notifier and invokes notification
> functions, so we can move it after ubi_init_attach() to fix the problem.

I find this change description improvable.
Would an imperative wording be also more desirable here?

Regards,
Markus
Zhihao Cheng April 12, 2024, 1:20 a.m. UTC | #3 
在 2024/4/11 23:48, Daniel Golle 写道:
> On Thu, Apr 11, 2024 at 11:19:01AM +0800, Zhihao Cheng wrote:
>> The ubiblock_init called by ubi_init will register device number, but
>> device number is not released in error handling path of ubi_init when
>> ubi is loaded by inserting module (eg. attaching failure), which leads
>> to subsequent ubi_init calls failed by running out of device number
>> (dmesg shows that "__register_blkdev: failed to get major for ubiblock").
>> Since ubiblock_init() registers notifier and invokes notification
>> functions, so we can move it after ubi_init_attach() to fix the problem.
>>
>> Fixes: 927c145208b0 ("mtd: ubi: attach from device tree")
>> Signed-off-by: Zhihao Cheng <chengzhihao1@huawei.com>
>> ---
>>   drivers/mtd/ubi/build.c | 51 +++++++++++++++++++++--------------------
>>   1 file changed, 26 insertions(+), 25 deletions(-)
>>
>> diff --git a/drivers/mtd/ubi/build.c b/drivers/mtd/ubi/build.c
>> index 7f95fd7968a8..bc63fbf5e947 100644
>> --- a/drivers/mtd/ubi/build.c
>> +++ b/drivers/mtd/ubi/build.c
>> @@ -1263,9 +1263,21 @@ static struct mtd_notifier ubi_mtd_notifier = {
>>   	.remove = ubi_notify_remove,
>>   };
>>   
>> +static void detach_mtd_devs(int count)
> 
> Missing __init to avoid section missmatch.
> 
> See also: https://lore.kernel.org/oe-kbuild-all/202404112327.158HJfAw-lkp@intel.com/

I think function without '__init' attributes can be called in ubi_init, 
for example misc_register, kmem_cache_create, and I verify it by make 
W=1 in local machine. And above warning(in your link) is only detected 
in my v1 series.
After investigating the '__init' and '__exit', I understand that there 
are two independent text section for these functions, for example, 
__init text section will be removed from memory after it is finished, so 
we cannot call __exit function in __init function.
> 
>> +{
>> +	int i;
>> +
>> +	for (i = 0; i < count; i++)
>> +		if (ubi_devices[i]) {
>> +			mutex_lock(&ubi_devices_mutex);
>> +			ubi_detach_mtd_dev(ubi_devices[i]->ubi_num, 1);
>> +			mutex_unlock(&ubi_devices_mutex);
>> +		}
>> +}
diff mbox series

Patch

diff --git a/drivers/mtd/ubi/build.c b/drivers/mtd/ubi/build.c
index 7f95fd7968a8..bc63fbf5e947 100644
--- a/drivers/mtd/ubi/build.c
+++ b/drivers/mtd/ubi/build.c
@@ -1263,9 +1263,21 @@  static struct mtd_notifier ubi_mtd_notifier = {
 	.remove = ubi_notify_remove,
 };
 
+static void detach_mtd_devs(int count)
+{
+	int i;
+
+	for (i = 0; i < count; i++)
+		if (ubi_devices[i]) {
+			mutex_lock(&ubi_devices_mutex);
+			ubi_detach_mtd_dev(ubi_devices[i]->ubi_num, 1);
+			mutex_unlock(&ubi_devices_mutex);
+		}
+}
+
 static int __init ubi_init_attach(void)
 {
-	int err, i, k;
+	int err, i;
 
 	/* Attach MTD devices */
 	for (i = 0; i < mtd_devs; i++) {
@@ -1317,12 +1329,7 @@  static int __init ubi_init_attach(void)
 	return 0;
 
 out_detach:
-	for (k = 0; k < i; k++)
-		if (ubi_devices[k]) {
-			mutex_lock(&ubi_devices_mutex);
-			ubi_detach_mtd_dev(ubi_devices[k]->ubi_num, 1);
-			mutex_unlock(&ubi_devices_mutex);
-		}
+	detach_mtd_devs(i);
 	return err;
 }
 #ifndef CONFIG_MTD_UBI_MODULE
@@ -1366,15 +1373,6 @@  static int __init ubi_init(void)
 	if (err)
 		goto out_slab;
 
-	err = ubiblock_init();
-	if (err) {
-		pr_err("UBI error: block: cannot initialize, error %d\n", err);
-
-		/* See comment above re-ubi_is_module(). */
-		if (ubi_is_module())
-			goto out_debugfs;
-	}
-
 	register_mtd_user(&ubi_mtd_notifier);
 
 	if (ubi_is_module()) {
@@ -1383,11 +1381,21 @@  static int __init ubi_init(void)
 			goto out_mtd_notifier;
 	}
 
+	err = ubiblock_init();
+	if (err) {
+		pr_err("UBI error: block: cannot initialize, error %d\n", err);
+
+		/* See comment above re-ubi_is_module(). */
+		if (ubi_is_module())
+			goto out_detach;
+	}
+
 	return 0;
 
+out_detach:
+	detach_mtd_devs(mtd_devs);
 out_mtd_notifier:
 	unregister_mtd_user(&ubi_mtd_notifier);
-out_debugfs:
 	ubi_debugfs_exit();
 out_slab:
 	kmem_cache_destroy(ubi_wl_entry_slab);
@@ -1403,17 +1411,10 @@  device_initcall(ubi_init);
 
 static void __exit ubi_exit(void)
 {
-	int i;
-
 	ubiblock_exit();
 	unregister_mtd_user(&ubi_mtd_notifier);
 
-	for (i = 0; i < UBI_MAX_DEVICES; i++)
-		if (ubi_devices[i]) {
-			mutex_lock(&ubi_devices_mutex);
-			ubi_detach_mtd_dev(ubi_devices[i]->ubi_num, 1);
-			mutex_unlock(&ubi_devices_mutex);
-		}
+	detach_mtd_devs(UBI_MAX_DEVICES);
 	ubi_debugfs_exit();
 	kmem_cache_destroy(ubi_wl_entry_slab);
 	misc_deregister(&ubi_ctrl_cdev);