of: overlay: add tests to validate kfrees from overlay removal

commit 144552c786925314c1e7cb8f91a71dae1aca8798 upstream.

Add checks:
  - attempted kfree due to refcount reaching zero before overlay
    is removed
  - properties linked to an overlay node when the node is removed
  - node refcount > one during node removal in a changeset destroy,
    if the node was created by the changeset

After applying this patch, several validation warnings will be
reported from the devicetree unittest during boot due to
pre-existing devicetree bugs. The warnings will be similar to:

  OF: ERROR: of_node_release(), unexpected properties in /testcase-data/overlay-node/test-bus/test-unittest11
  OF: ERROR: memory leak, expected refcount 1 instead of 2, of_node_get()/of_node_put() unbalanced - destroy cset entry: attach overlay node /testcase-data-2/substation@100/
  hvac-medium-2

Tested-by: Alan Tull <atull@kernel.org>
Signed-off-by: Frank Rowand <frank.rowand@sony.com>
Cc: Guenter Roeck <linux@roeck-us.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>

diff --git a/drivers/of/dynamic.c b/drivers/of/dynamic.c
index ecea92f..0ea0b8f 100644 (file)
--- a/drivers/of/dynamic.c
+++ b/drivers/of/dynamic.c
@@ -333,6 +333,25 @@ void of_node_release(struct kobject *kobj)
        if (!of_node_check_flag(node, OF_DYNAMIC))
                return;
 
+       if (of_node_check_flag(node, OF_OVERLAY)) {
+
+               if (!of_node_check_flag(node, OF_OVERLAY_FREE_CSET)) {
+                       /* premature refcount of zero, do not free memory */
+                       pr_err("ERROR: memory leak before free overlay changeset,  %pOF\n",
+                              node);
+                       return;
+               }
+
+               /*
+                * If node->properties non-empty then properties were added
+                * to this node either by different overlay that has not
+                * yet been removed, or by a non-overlay mechanism.
+                */
+               if (node->properties)
+                       pr_err("ERROR: %s(), unexpected properties in %pOF\n",
+                              __func__, node);
+       }
+
        property_list_free(node->properties);
        property_list_free(node->deadprops);
 
@@ -437,6 +456,16 @@ struct device_node *__of_node_dup(const struct device_node *np,
 
 static void __of_changeset_entry_destroy(struct of_changeset_entry *ce)
 {
+       if (ce->action == OF_RECONFIG_ATTACH_NODE &&
+           of_node_check_flag(ce->np, OF_OVERLAY)) {
+               if (kref_read(&ce->np->kobj.kref) > 1) {
+                       pr_err("ERROR: memory leak, expected refcount 1 instead of %d, of_node_get()/of_node_put() unbalanced - destroy cset entry: attach overlay node %pOF\n",
+                              kref_read(&ce->np->kobj.kref), ce->np);
+               } else {
+                       of_node_set_flag(ce->np, OF_OVERLAY_FREE_CSET);
+               }
+       }
+
        of_node_put(ce->np);
        list_del(&ce->node);
        kfree(ce);

diff --git a/drivers/of/overlay.c b/drivers/of/overlay.c
index 1e05819..7613f7d 100644 (file)
--- a/drivers/of/overlay.c
+++ b/drivers/of/overlay.c
@@ -373,6 +373,7 @@ static int add_changeset_node(struct overlay_changeset *ovcs,
                        return -ENOMEM;
 
                tchild->parent = target_node;
+               of_node_set_flag(tchild, OF_OVERLAY);
 
                ret = of_changeset_attach_node(&ovcs->cset, tchild);
                if (ret)

diff --git a/include/linux/of.h b/include/linux/of.h
index 99b0ebf..40e58b0 100644 (file)
--- a/include/linux/of.h
+++ b/include/linux/of.h
@@ -138,11 +138,16 @@ extern struct device_node *of_aliases;
 extern struct device_node *of_stdout;
 extern raw_spinlock_t devtree_lock;
 
-/* flag descriptions (need to be visible even when !CONFIG_OF) */
-#define OF_DYNAMIC     1 /* node and properties were allocated via kmalloc */
-#define OF_DETACHED    2 /* node has been detached from the device tree */
-#define OF_POPULATED   3 /* device already created for the node */
-#define OF_POPULATED_BUS       4 /* of_platform_populate recursed to children of this node */
+/*
+ * struct device_node flag descriptions
+ * (need to be visible even when !CONFIG_OF)
+ */
+#define OF_DYNAMIC             1 /* (and properties) allocated via kmalloc */
+#define OF_DETACHED            2 /* detached from the device tree */
+#define OF_POPULATED           3 /* device already created */
+#define OF_POPULATED_BUS       4 /* platform bus created for children */
+#define OF_OVERLAY             5 /* allocated for an overlay */
+#define OF_OVERLAY_FREE_CSET   6 /* in overlay cset being freed */
 
 #define OF_BAD_ADDR    ((u64)-1)