From 047a8a0a2da716fecfd325d21ccf509c431992d9 Mon Sep 17 00:00:00 2001 From: Daniel Latypov Date: Fri, 22 Jul 2022 17:15:32 +0000 Subject: kunit: make kunit_kfree() only work on pointers from kunit_malloc() and friends kunit_kfree() exists to clean up allocations from kunit_kmalloc() and friends early instead of waiting for this to happen automatically at the end of the test. But it can be used on *anything* registered with the kunit resource API. E.g. the last 2 statements are equivalent: struct kunit_resource *res = something(); kfree(res->data); kunit_put_resource(res); The problem is that there could be multiple resources that point to the same `data`. E.g. you can have a named resource acting as a pseudo-global variable in a test. If you point it to data allocated with kunit_kmalloc(), then calling `kunit_kfree(ptr)` has the chance to delete either the named resource or to kfree `ptr`. Which one it does depends on the order the resources are registered as kunit_kfree() will delete resources in LIFO order. So this patch restricts kunit_kfree() to only working on resources created by kunit_kmalloc(). Calling it is therefore guaranteed to free the memory, not do anything else. Note: kunit_resource_instance_match() wasn't used outside of KUnit, so it should be safe to remove from the public interface. It's also generally dangerous, as shown above, and shouldn't be used. Signed-off-by: Daniel Latypov Reviewed-by: David Gow Reviewed-by: Brendan Higgins Signed-off-by: Shuah Khan --- lib/kunit/kunit-test.c | 7 +++++++ lib/kunit/test.c | 10 ++++++++-- 2 files changed, 15 insertions(+), 2 deletions(-) (limited to 'lib') diff --git a/lib/kunit/kunit-test.c b/lib/kunit/kunit-test.c index 13d0bd8b07a9..4df0335d0d06 100644 --- a/lib/kunit/kunit-test.c +++ b/lib/kunit/kunit-test.c @@ -161,6 +161,13 @@ static void kunit_resource_test_alloc_resource(struct kunit *test) kunit_put_resource(res); } +static inline bool kunit_resource_instance_match(struct kunit *test, + struct kunit_resource *res, + void *match_data) +{ + return res->data == match_data; +} + /* * Note: tests below use kunit_alloc_and_get_resource(), so as a consequence * they have a reference to the associated resource that they must release diff --git a/lib/kunit/test.c b/lib/kunit/test.c index 638df598bcf9..0f9c1fb32da7 100644 --- a/lib/kunit/test.c +++ b/lib/kunit/test.c @@ -713,12 +713,18 @@ void *kunit_kmalloc_array(struct kunit *test, size_t n, size_t size, gfp_t gfp) } EXPORT_SYMBOL_GPL(kunit_kmalloc_array); +static inline bool kunit_kfree_match(struct kunit *test, + struct kunit_resource *res, void *match_data) +{ + /* Only match resources allocated with kunit_kmalloc() and friends. */ + return res->free == kunit_kmalloc_array_free && res->data == match_data; +} + void kunit_kfree(struct kunit *test, const void *ptr) { struct kunit_resource *res; - res = kunit_find_resource(test, kunit_resource_instance_match, - (void *)ptr); + res = kunit_find_resource(test, kunit_kfree_match, (void *)ptr); /* * Removing the resource from the list of resources drops the -- cgit v1.2.3