| Message ID | 20230306160016.4459-1-tzimmermann@suse.de |
|---|---|
| Headers |
Return-Path: <linux-kernel-owner@vger.kernel.org>
Delivered-To: ouuuleilei@gmail.com
Received: by 2002:a5d:5915:0:0:0:0:0 with SMTP id v21csp1922376wrd;
Mon, 6 Mar 2023 08:03:05 -0800 (PST)
X-Google-Smtp-Source:
AK7set9CwfJjF5IOhQ0UDN7lKeKh8ti+5tF7bo09+DCIRc81TPz4A48Dt+smXmC/+EUC8qH3xICd
X-Received: by 2002:a17:90b:1c87:b0:236:73d5:82cf with SMTP id
oo7-20020a17090b1c8700b0023673d582cfmr11617323pjb.9.1678118585197;
Mon, 06 Mar 2023 08:03:05 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; t=1678118585; cv=none;
d=google.com; s=arc-20160816;
b=ATBA0wu0NzjOwBb8HZvG5IwlJt++IaoIX7BHZ5On7rbdBO8phDF8R90eJ1kRaoejsG
sGvwK5Z0APsc2/IIeX1VljCNb7ga98QIPP+jCIfPmpccIYeXJR75t1rSTP5UxPAJ6j2Z
jXY5FalmSaQeZcMdj5g/vifA0wMO+Rg95CU8FvvifL8cVQc74NCbV9eC9zlgK/C+Tyrm
jN0jb7sUxeoyss9andvOadmg/gv28D3OJUxurUTjix88WA7i5zJHVcK4DHoKnCwpUmU6
YJphsP9hmfE34GS6wasqPDfRDpo2HmXQZAgCOBXhnsvdN9gAUZXKITAcNltb8QGpS49W
9Tgw==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com;
s=arc-20160816;
h=list-id:precedence:content-transfer-encoding:mime-version
:message-id:date:subject:cc:to:from:dkim-signature:dkim-signature;
bh=R9E343hTmVMkaYF9j4EIzcOLH/Va29Qgqy6eESAuotI=;
b=e/MWZFzsAYwcsaEW6t06RoB7NMCFditTkeWYy5+t65YhYKKpQSYGg/Af7GCQyN2BZt
wsF6zZ3tLA2l2fQb3zfIB5tQy8I3fKqjJ6d3sLVr3pE9az+Y8yG3+RtPbgsjqV/YBShg
GmkEXvn3cZiPkunq5N5L8lRJl8t59DvD8QHeUwqYHxqoq9j9t47JEs5EdLeiwzbNj9QW
oryYyLvM6aphc6ABniTQuvkLhJFLTomaQdAtHlPVPej7ZvMaIBGr+5aptWjraFl51VLU
VSf4dMglRhvFis8rpaP9JMxWlML5vqUDfEySb1sMTS8b95neWcCHT2FkmyoJZEBxOjdM
MWKA==
ARC-Authentication-Results: i=1; mx.google.com;
dkim=pass header.i=@suse.de header.s=susede2_rsa header.b=OUREKcIn;
dkim=neutral (no key) header.i=@suse.de;
spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org
designates 2620:137:e000::1:20 as permitted sender)
smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=suse.de
Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20])
by mx.google.com with ESMTP id
ot3-20020a17090b3b4300b002239c987051si87449pjb.128.2023.03.06.08.02.50;
Mon, 06 Mar 2023 08:03:05 -0800 (PST)
Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org
designates 2620:137:e000::1:20 as permitted sender)
client-ip=2620:137:e000::1:20;
Authentication-Results: mx.google.com;
dkim=pass header.i=@suse.de header.s=susede2_rsa header.b=OUREKcIn;
dkim=neutral (no key) header.i=@suse.de;
spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org
designates 2620:137:e000::1:20 as permitted sender)
smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=suse.de
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
id S230165AbjCFQAl (ORCPT <rfc822;toshivichauhan@gmail.com>
+ 99 others); Mon, 6 Mar 2023 11:00:41 -0500
Received: from lindbergh.monkeyblade.net ([23.128.96.19]:41170 "EHLO
lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
with ESMTP id S230217AbjCFQA2 (ORCPT
<rfc822;linux-kernel@vger.kernel.org>);
Mon, 6 Mar 2023 11:00:28 -0500
Received: from smtp-out2.suse.de (smtp-out2.suse.de [195.135.220.29])
by lindbergh.monkeyblade.net (Postfix) with ESMTPS id E2A872410D;
Mon, 6 Mar 2023 08:00:25 -0800 (PST)
Received: from imap2.suse-dmz.suse.de (imap2.suse-dmz.suse.de
[192.168.254.74])
(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
key-exchange X25519 server-signature ECDSA (P-521) server-digest
SHA512)
(No client certificate requested)
by smtp-out2.suse.de (Postfix) with ESMTPS id 7F5FD1FDE7;
Mon, 6 Mar 2023 16:00:24 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=suse.de;
s=susede2_rsa;
t=1678118424;
h=from:from:reply-to:date:date:message-id:message-id:to:to:cc:cc:
mime-version:mime-version:
content-transfer-encoding:content-transfer-encoding;
bh=R9E343hTmVMkaYF9j4EIzcOLH/Va29Qgqy6eESAuotI=;
b=OUREKcInXmanxs2PAF8o4DAvPOX/O4raO5rAwJJOzNY834dqRLTJdZkwoSocpXmLDyN0E+
vCtmK3HZy6nW2phvDJIpSiuO56Ukf6DC1tbq8xz7QD6LQu0nfSD4sfaTG7kRrcGh81906l
fLlv4i/qanJ2BY1ierWbbrjzbMIYf90=
DKIM-Signature: v=1; a=ed25519-sha256; c=relaxed/relaxed; d=suse.de;
s=susede2_ed25519; t=1678118424;
h=from:from:reply-to:date:date:message-id:message-id:to:to:cc:cc:
mime-version:mime-version:
content-transfer-encoding:content-transfer-encoding;
bh=R9E343hTmVMkaYF9j4EIzcOLH/Va29Qgqy6eESAuotI=;
b=s1Yu90c+fAavjp6B0NjVSLZz3hTMwwHUkdiskHSPi9V+dY/D9ZOdaKMUxGnqrVbvkMGJmo
2KkYxhrJeAZiKnAg==
Received: from imap2.suse-dmz.suse.de (imap2.suse-dmz.suse.de
[192.168.254.74])
(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
key-exchange X25519 server-signature ECDSA (P-521) server-digest
SHA512)
(No client certificate requested)
by imap2.suse-dmz.suse.de (Postfix) with ESMTPS id 2AF5F13513;
Mon, 6 Mar 2023 16:00:24 +0000 (UTC)
Received: from dovecot-director2.suse.de ([192.168.254.65])
by imap2.suse-dmz.suse.de with ESMTPSA
id ZiizCRgOBmQ/PwAAMHmgww
(envelope-from <tzimmermann@suse.de>); Mon, 06 Mar 2023 16:00:24 +0000
From: Thomas Zimmermann <tzimmermann@suse.de>
To: deller@gmx.de, paulus@samba.org, benh@kernel.crashing.org,
linux@armlinux.org.uk, pjones@redhat.com, timur@kernel.org,
adaplas@gmail.com, s.hauer@pengutronix.de, shawnguo@kernel.org,
mbroemme@libmpq.org, thomas@winischhofer.net,
James.Bottomley@HansenPartnership.com, spock@gentoo.org,
sudipm.mukherjee@gmail.com, teddy.wang@siliconmotion.com,
geert+renesas@glider.be, corbet@lwn.net
Cc: linux-fbdev@vger.kernel.org, dri-devel@lists.freedesktop.org,
linux-kernel@vger.kernel.org,
Thomas Zimmermann <tzimmermann@suse.de>
Subject: [PATCH 00/99] fbdev: Fix memory leak in option parsing
Date: Mon, 6 Mar 2023 16:58:37 +0100
Message-Id: <20230306160016.4459-1-tzimmermann@suse.de>
X-Mailer: git-send-email 2.39.2
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
X-Spam-Status: No, score=-4.4 required=5.0 tests=BAYES_00,DKIM_SIGNED,
DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_MED,SPF_HELO_NONE,
SPF_PASS autolearn=ham autolearn_force=no version=3.4.6
X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on
lindbergh.monkeyblade.net
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org
X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?=
X-GMAIL-THRID: =?utf-8?q?1759634873704370505?=
X-GMAIL-MSGID: =?utf-8?q?1759634873704370505?=
|
| Series |
fbdev: Fix memory leak in option parsing
|
|
Message
Thomas Zimmermann
March 6, 2023, 3:58 p.m. UTC
Introduce struct option_iter and helpers to parse command-line
options with comma-separated key-value pairs. Then convert fbdev
drivers to the new interface. Fixes a memory leak in the parsing of
the video= option.
Before commit 73ce73c30ba9 ("fbdev: Transfer video= option strings to
caller; clarify ownership"), a call to fb_get_options() either
returned an internal string or a duplicated string; hence ownership of
the string's memory buffer was not well defined, but depended on how
users specified the video= option on the kernel command line. For
global settings, the caller owned the returned memory and for per-driver
settings, fb_get_options() owned the memory. As calling drivers were
unable to detect the case, the memory was leaked.
Commit 73ce73c30ba9 ("fbdev: Transfer video= option strings to caller;
clarify ownership") changed sematics to caller-owned strings. Drivers
still leaked the memory, but at least ownership was clear.
This patchset fixes the memory leak and changes string ownership back
to fb_get_options(). Patch 1 introduces struct option_iter and a few
helpers. The interface takes an option string, such as video=, in the
common form value1,key2:value2,value3 etc and returns the individial
comma-separated pairs. Various modules use this pattern, so the code
is located under lib/.
Patches 2 to 98 go through fbdev drivers and convert them to the new
interface. This often requires a number of cleanups. A driver would
typically refer to the option string's video mode. Such strings are now
copied to driver-allocated memory so that drivers don't refer directly
to the option string's memory. The option iterator then replaces manual
parsing loops based on strsep(",").
Patch 99 finally changes the ownership of the option string to be
internal to fb_get_option(); thereby fixing the memory leak. The option
iterator holds its own copy of the string and is not affected by the
change.
Most fbdev drivers only support to parse option strings if they are
built-in. I assume that's because of the original fuzzy semantics of
fb_get_options(). A later patchset could change the driver to respect
video= settings in any configuration.
Thomas Zimmermann (99):
lib: Add option iterator
fbdev/68328fb: Remove trailing whitespaces
fbdev/68328fb: Remove unused option string
fbdev/acornfb: Only init fb_info once
fbdev/acornfb: Parse option string with struct option_iter
fbdev/amifb: Duplicate video-mode option string
fbdev/amifb: Parse option string with struct option_iter
fbdev/arkfb: Duplicate video-mode option string
fbdev/atafb: Duplicate video-mode option string
fbdev/atafb: Parse option string with struct option_iter
fbdev/aty: Duplicate video-mode option string
fbdev/aty: Parse option string with struct option_iter
fbdev/au1100fb: Parse option string with struct option_iter
fbdev/au1200fb: Parse option string with struct option_iter
fbdev/cirrusfb: Duplicate video-mode option string
fbdev/cirrusfb: Parse option string with struct option_iter
fbdev/controlfb: Remove trailing whitespaces
fbdev/controlfb: Parse option string with struct option_iter
fbdev/cyber2000fb: Parse option string with struct option_iter
fbdev/efifb: Parse option string with struct option_iter
fbdev/fm2fb: Parse option string with struct option_iter
fbdev/fsl-diu-fb: Duplicate video-mode option string
fbdev/fsl-diu-fb: Parse option string with struct option_iter
fbdev/gbefb: Duplicate video-mode option string
fbdev/gbefb: Parse option string with struct option_iter
fbdev/geode: Duplicate video-mode option string
fbdev/geode: Parse option string with struct option_iter
fbdev/grvga: Duplicate video-mode option string
fbdev/grvga: Parse option string with struct option_iter
fbdev/gxt4500: Duplicate video-mode option string
fbdev/hyperv_fb: Duplicate video-mode option string
fbdev/i740fb: Duplicate video-mode option string
fbdev/i740fb: Parse option string with struct option_iter
fbdev/i810: Duplicate video-mode option string
fbdev/i810: Parse option string with struct option_iter
fbdev/imsttfb: Parse option string with struct option_iter
fbdev/intelfb: Duplicate video-mode option string
fbdev/intelfb: Parse option string with struct option_iter
fbdev/imxfb: Duplicate video-mode option string
fbdev/imxfb: Parse option string with struct option_iter
fbdev/kyrofb: Duplicate video-mode option string
fbdev/kyrofb: Parse option string with struct option_iter
fbdev/macfb: Remove trailing whitespaces
fbdev/macfb: Parse option string with struct option_iter
fbdev/matroxfb: Parse option string with struct option_iter
fbdev/mx3fb: Duplicate video-mode option string
fbdev/mx3fb: Parse option string with struct option_iter
fbdev/neofb: Duplicate video-mode option string
fbdev/neofb: Parse option string with struct option_iter
fbdev/nvidiafb: Duplicate video-mode option string
fbdev/nvidiafb: Parse option string with struct option_iter
fbdev/ocfb: Duplicate video-mode option string
fbdev/ocfb: Parse option string with struct option_iter
fbdev/omapfb: Parse option string with struct option_iter
fbdev/platinumfb: Remove trailing whitespaces
fbdev/platinumfb: Parse option string with struct option_iter
fbdev/pm2fb: Duplicate video-mode option string
fbdev/pm2fb: Parse option string with struct option_iter
fbdev/pm3fb: Duplicate video-mode option string
fbdev/pm3fb: Parse option string with struct option_iter
fbdev/ps3fb: Duplicate video-mode option string
fbdev/ps3fb: Parse option string with struct option_iter
fbdev/pvr2fb: Duplicate video-mode option string
fbdev/pvr2fb: Parse option string with struct option_iter
fbdev/pxafb: Parse option string with struct option_iter
fbdev/rivafb: Duplicate video-mode option string
fbdev/rivafb: Parse option string with struct option_iter
fbdev/s3fb: Duplicate video-mode option string
fbdev/s3fb: Parse option string with struct option_iter
fbdev/savagefb: Duplicate video-mode option string
fbdev/savagefb: Parse option string with struct option_iter
fbdev/sisfb: Constify mode string
fbdev/sisfb: Parse option string with struct option_iter
fbdev/skeletonfb: Parse option string with struct option_iter
fbdev/sm712fb: Duplicate video-mode option string
fbdev/sstfb: Duplicate video-mode option string
fbdev/sstfb: Parse option string with struct option_iter
fbdev/stifb: Remove trailing whitespaces
fbdev/sti: Constify option string
fbdev/tdfxfb: Duplicate video-mode option string
fbdev/tdfxfb: Parse option string with struct option_iter
fbdev/tgafb: Duplicate video-mode option string
fbdev/tgafb: Parse option string with struct option_iter
fbdev/tmiofb: Remove unused option string
fbdev/tridentfb: Duplicate video-mode option string
fbdev/tridentfb: Parse option string with struct option_iter
fbdev/uvesafb: Duplicate video-mode option string
fbdev/uvesafb: Parse option string with struct option_iter
fbdev/valkyriefb: Remove trailing whitespaces
fbdev/valkyriefb: Parse option string with struct option_iter
fbdev/vermilion: Remove unused option string
fbdev/vesafb: Parse option string with struct option_iter
fbdev/vfb: Remove trailing whitespaces
fbdev/vfb: Duplicate video-mode option string
fbdev/vfb: Parse option string with struct option_iter
fbdev/viafb: Parse option string with struct option_iter
fbdev/vt8623fb: Duplicate video-mode option string
staging/sm750fb: Parse option string with struct option_iter
fbdev: Constify option strings
Documentation/core-api/kernel-api.rst | 9 ++
drivers/staging/sm750fb/sm750.c | 45 +++---
drivers/video/fbdev/68328fb.c | 24 +--
drivers/video/fbdev/acornfb.c | 25 ++-
drivers/video/fbdev/amifb.c | 30 ++--
drivers/video/fbdev/arkfb.c | 15 +-
drivers/video/fbdev/atafb.c | 25 ++-
drivers/video/fbdev/aty/aty128fb.c | 28 +++-
drivers/video/fbdev/aty/atyfb_base.c | 29 +++-
drivers/video/fbdev/aty/radeon_base.c | 32 ++--
drivers/video/fbdev/au1100fb.c | 13 +-
drivers/video/fbdev/au1200fb.c | 15 +-
drivers/video/fbdev/cirrusfb.c | 37 +++--
drivers/video/fbdev/controlfb.c | 49 +++---
drivers/video/fbdev/core/fb_cmdline.c | 13 +-
drivers/video/fbdev/core/modedb.c | 8 +-
drivers/video/fbdev/cyber2000fb.c | 19 +--
drivers/video/fbdev/efifb.c | 48 +++---
drivers/video/fbdev/ep93xx-fb.c | 2 +-
drivers/video/fbdev/fm2fb.c | 16 +-
drivers/video/fbdev/fsl-diu-fb.c | 30 ++--
drivers/video/fbdev/gbefb.c | 25 +--
drivers/video/fbdev/geode/gx1fb_core.c | 18 +--
drivers/video/fbdev/geode/gxfb_core.c | 25 +--
drivers/video/fbdev/geode/lxfb_core.c | 29 ++--
drivers/video/fbdev/grvga.c | 32 +++-
drivers/video/fbdev/gxt4500.c | 18 ++-
drivers/video/fbdev/hyperv_fb.c | 18 ++-
drivers/video/fbdev/i740fb.c | 32 ++--
drivers/video/fbdev/i810/i810_main.c | 30 +++-
drivers/video/fbdev/imsttfb.c | 18 ++-
drivers/video/fbdev/imxfb.c | 23 ++-
drivers/video/fbdev/intelfb/intelfbdrv.c | 29 +++-
drivers/video/fbdev/kyro/fbdev.c | 27 ++--
drivers/video/fbdev/macfb.c | 28 ++--
drivers/video/fbdev/matrox/matroxfb_base.c | 21 +--
drivers/video/fbdev/mx3fb.c | 27 +++-
drivers/video/fbdev/neofb.c | 32 ++--
drivers/video/fbdev/nvidia/nvidia.c | 32 ++--
drivers/video/fbdev/ocfb.c | 25 ++-
drivers/video/fbdev/omap/omapfb_main.c | 15 +-
drivers/video/fbdev/platinumfb.c | 46 +++---
drivers/video/fbdev/pm2fb.c | 31 ++--
drivers/video/fbdev/pm3fb.c | 33 ++--
drivers/video/fbdev/ps3fb.c | 32 ++--
drivers/video/fbdev/pvr2fb.c | 29 ++--
drivers/video/fbdev/pxafb.c | 20 ++-
drivers/video/fbdev/riva/fbdev.c | 32 ++--
drivers/video/fbdev/s3fb.c | 33 ++--
drivers/video/fbdev/savage/savagefb_driver.c | 26 ++-
drivers/video/fbdev/sis/sis_main.c | 26 +--
drivers/video/fbdev/skeletonfb.c | 17 +-
drivers/video/fbdev/sm712fb.c | 19 ++-
drivers/video/fbdev/sstfb.c | 31 ++--
drivers/video/fbdev/stifb.c | 162 +++++++++----------
drivers/video/fbdev/tdfxfb.c | 27 ++--
drivers/video/fbdev/tgafb.c | 35 ++--
drivers/video/fbdev/tmiofb.c | 24 +--
drivers/video/fbdev/tridentfb.c | 33 ++--
drivers/video/fbdev/uvesafb.c | 27 ++--
drivers/video/fbdev/valkyriefb.c | 32 ++--
drivers/video/fbdev/vermilion/vermilion.c | 7 +-
drivers/video/fbdev/vesafb.c | 18 ++-
drivers/video/fbdev/vfb.c | 41 +++--
drivers/video/fbdev/via/viafbdev.c | 17 +-
drivers/video/fbdev/vt8623fb.c | 16 +-
include/linux/cmdline.h | 29 ++++
include/linux/fb.h | 2 +-
lib/Makefile | 2 +-
lib/cmdline_iter.c | 97 +++++++++++
70 files changed, 1252 insertions(+), 708 deletions(-)
create mode 100644 include/linux/cmdline.h
create mode 100644 lib/cmdline_iter.c
Comments
Hi Thomas, On Mon, Mar 6, 2023 at 5:00 PM Thomas Zimmermann <tzimmermann@suse.de> wrote: > Introduce struct option_iter and helpers to parse command-line > options with comma-separated key-value pairs. Then convert fbdev > drivers to the new interface. Fixes a memory leak in the parsing of > the video= option. > > Before commit 73ce73c30ba9 ("fbdev: Transfer video= option strings to > caller; clarify ownership"), a call to fb_get_options() either > returned an internal string or a duplicated string; hence ownership of > the string's memory buffer was not well defined, but depended on how > users specified the video= option on the kernel command line. For > global settings, the caller owned the returned memory and for per-driver > settings, fb_get_options() owned the memory. As calling drivers were > unable to detect the case, the memory was leaked. > > Commit 73ce73c30ba9 ("fbdev: Transfer video= option strings to caller; > clarify ownership") changed sematics to caller-owned strings. Drivers > still leaked the memory, but at least ownership was clear. > > This patchset fixes the memory leak and changes string ownership back > to fb_get_options(). Patch 1 introduces struct option_iter and a few > helpers. The interface takes an option string, such as video=, in the > common form value1,key2:value2,value3 etc and returns the individial > comma-separated pairs. Various modules use this pattern, so the code > is located under lib/. > > Patches 2 to 98 go through fbdev drivers and convert them to the new > interface. This often requires a number of cleanups. A driver would > typically refer to the option string's video mode. Such strings are now > copied to driver-allocated memory so that drivers don't refer directly > to the option string's memory. The option iterator then replaces manual > parsing loops based on strsep(","). Thanks for your series! Unfortunately I cannot say I'm thrilled about this: you are replacing a single small dynamic memory leak by 36 larger static memory leaks. Am I missing something? Gr{oetje,eeting}s, Geert
Hi Geert Am 07.03.23 um 08:53 schrieb Geert Uytterhoeven: > Hi Thomas, > > On Mon, Mar 6, 2023 at 5:00 PM Thomas Zimmermann <tzimmermann@suse.de> wrote: >> Introduce struct option_iter and helpers to parse command-line >> options with comma-separated key-value pairs. Then convert fbdev >> drivers to the new interface. Fixes a memory leak in the parsing of >> the video= option. >> >> Before commit 73ce73c30ba9 ("fbdev: Transfer video= option strings to >> caller; clarify ownership"), a call to fb_get_options() either >> returned an internal string or a duplicated string; hence ownership of >> the string's memory buffer was not well defined, but depended on how >> users specified the video= option on the kernel command line. For >> global settings, the caller owned the returned memory and for per-driver >> settings, fb_get_options() owned the memory. As calling drivers were >> unable to detect the case, the memory was leaked. >> >> Commit 73ce73c30ba9 ("fbdev: Transfer video= option strings to caller; >> clarify ownership") changed sematics to caller-owned strings. Drivers >> still leaked the memory, but at least ownership was clear. >> >> This patchset fixes the memory leak and changes string ownership back >> to fb_get_options(). Patch 1 introduces struct option_iter and a few >> helpers. The interface takes an option string, such as video=, in the >> common form value1,key2:value2,value3 etc and returns the individial >> comma-separated pairs. Various modules use this pattern, so the code >> is located under lib/. >> >> Patches 2 to 98 go through fbdev drivers and convert them to the new >> interface. This often requires a number of cleanups. A driver would >> typically refer to the option string's video mode. Such strings are now >> copied to driver-allocated memory so that drivers don't refer directly >> to the option string's memory. The option iterator then replaces manual >> parsing loops based on strsep(","). > > Thanks for your series! > > Unfortunately I cannot say I'm thrilled about this: you are replacing > a single small dynamic memory leak by 36 larger static memory leaks. That's fair enough. > Am I missing something? The current size of the videomode buffers is ridiculously large. I just needed something that could hold the string. A long mode description might look like 1920x1080MR-32@120ime which has 21 characters. 32-byte buffers would probably be more than enough. I think it should also be possible to do a simple kstrdup() on the given videomode string and free the copy in the module's _fini function. That also brings up the question of these MODULE ifdefs. Almost all of the fbdev drivers only parse the command-line option if they are not build as a module. Do you know why? Because of the awkward semantics of the old fb_get_options()? I think this should be changed so that they always respect the video= parameter. Best regards Thomas > > Gr{oetje,eeting}s, > > Geert > -- Thomas Zimmermann Graphics Driver Developer SUSE Software Solutions Germany GmbH Maxfeldstr. 5, 90409 Nürnberg, Germany (HRB 36809, AG Nürnberg) Geschäftsführer: Ivo Totev
Hi Thomas, On Tue, Mar 7, 2023 at 9:23 AM Thomas Zimmermann <tzimmermann@suse.de> wrote: > Am 07.03.23 um 08:53 schrieb Geert Uytterhoeven: > > On Mon, Mar 6, 2023 at 5:00 PM Thomas Zimmermann <tzimmermann@suse.de> wrote: > >> Introduce struct option_iter and helpers to parse command-line > >> options with comma-separated key-value pairs. Then convert fbdev > >> drivers to the new interface. Fixes a memory leak in the parsing of > >> the video= option. > >> > >> Before commit 73ce73c30ba9 ("fbdev: Transfer video= option strings to > >> caller; clarify ownership"), a call to fb_get_options() either > >> returned an internal string or a duplicated string; hence ownership of > >> the string's memory buffer was not well defined, but depended on how > >> users specified the video= option on the kernel command line. For > >> global settings, the caller owned the returned memory and for per-driver > >> settings, fb_get_options() owned the memory. As calling drivers were > >> unable to detect the case, the memory was leaked. > >> > >> Commit 73ce73c30ba9 ("fbdev: Transfer video= option strings to caller; > >> clarify ownership") changed sematics to caller-owned strings. Drivers > >> still leaked the memory, but at least ownership was clear. > >> > >> This patchset fixes the memory leak and changes string ownership back > >> to fb_get_options(). Patch 1 introduces struct option_iter and a few > >> helpers. The interface takes an option string, such as video=, in the > >> common form value1,key2:value2,value3 etc and returns the individial > >> comma-separated pairs. Various modules use this pattern, so the code > >> is located under lib/. > >> > >> Patches 2 to 98 go through fbdev drivers and convert them to the new > >> interface. This often requires a number of cleanups. A driver would > >> typically refer to the option string's video mode. Such strings are now > >> copied to driver-allocated memory so that drivers don't refer directly > >> to the option string's memory. The option iterator then replaces manual > >> parsing loops based on strsep(","). > > > > Thanks for your series! > > > > Unfortunately I cannot say I'm thrilled about this: you are replacing > > a single small dynamic memory leak by 36 larger static memory leaks. > > That's fair enough. > > > Am I missing something? > > The current size of the videomode buffers is ridiculously large. I just > needed something that could hold the string. A long mode description > might look like > > 1920x1080MR-32@120ime > > which has 21 characters. 32-byte buffers would probably be more than enough. But there are a few exceptions... > I think it should also be possible to do a simple kstrdup() on the given > videomode string and free the copy in the module's _fini function. That sounds like the sanest approach to me. > That also brings up the question of these MODULE ifdefs. Almost all of > the fbdev drivers only parse the command-line option if they are not > build as a module. Do you know why? Because of the awkward semantics of > the old fb_get_options()? That's just historical: to get to see anything on the console (on the graphics hardware without VGA text mode that fbdev was originally developed for), you needed to have your main fbdev driver builtin. Drivers for secondary displays could be loadable modules, and using fbset for those offered more flexibility than a module parameter. > I think this should be changed so that they > always respect the video= parameter. I agree that makes sense. Gr{oetje,eeting}s, Geert