On Tue, Feb 05, 2019 at 10:22:50AM -0500, Sven Van Asbroeck wrote:
> On Tue, Feb 5, 2019 at 9:57 AM Kees Cook <keesc...@chromium.org> wrote:
> >
> > Can a Coccinelle script get written to find module-use of the non-devm
> > work init?
>
> My thoughts exactly! But sadly I'm not a Coccinelle expert. I did look
> briefly at its syntax, but I didn't immediately "get" how Cocci could
> find this class of errors, without a huge false positive rate (which
> would make it worse than useless).
>
> > It seems like finding these in __init functions should be relatively
> > easy? (Or can we add runtime detection in the existing INIT_*WORK()
> > code to see if it is running from the wrong place?)
>
> IMHO the problem isn't that they're called from __init functions.
> Also, nothing is wrong with the location of INIT_*WORK per se.
>
> The real problem is that developers overlook calling cancel_work_sync()
> on unload. I'm not sure how we could bolt on runtime detection to catch
> a *missing* function. Again, without causing tons of false positives.

It really should happen when the device is removed (if it is a driver
that binds to a device.)

If this is not a driver, then there should be some way to scan that
cancel_work_sync() is never called or not, right?

thanks,

greg k-h
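
Added example, not part of the original thread or of any kernel tooling: a rough single-file heuristic for the scan discussed above, reporting work items set up with INIT_WORK()/INIT_DELAYED_WORK() that are never passed to cancel_work_sync()/cancel_delayed_work_sync(). The function names, the matching by final member name and the sample driver source are assumptions made for illustration.

```python
import re

# Heuristic only: work items are matched by their final member/variable
# name within one source file. Expect misses and false positives; this is
# not a replacement for Coccinelle or for review.
INIT_RE = re.compile(r'\bINIT_(?:DELAYED_|DEFERRABLE_)?WORK\s*\(\s*([^,]+?)\s*,')
CANCEL_RE = re.compile(r'\bcancel_(?:delayed_)?work_sync\s*\(\s*([^)]+?)\s*\)')
COMMENT_RE = re.compile(r'/\*.*?\*/|//[^\n]*', re.S)

def work_name(expr):
    """Reduce '&priv->reset_work' or '&dev.poll' to the last identifier."""
    return re.findall(r'[A-Za-z_]\w*', expr)[-1]

def find_uncancelled_work(source):
    """Return sorted names of work items initialised but never cancelled."""
    code = COMMENT_RE.sub('', source)  # ignore calls that are commented out
    inited = {work_name(m.group(1)) for m in INIT_RE.finditer(code)}
    cancelled = {work_name(m.group(1)) for m in CANCEL_RE.finditer(code)}
    return sorted(inited - cancelled)

# Constructed sample driver source (not taken from any real driver).
SAMPLE = r'''
static int foo_probe(struct platform_device *pdev)
{
	struct foo *priv = devm_kzalloc(&pdev->dev, sizeof(*priv), GFP_KERNEL);
	INIT_WORK(&priv->reset_work, foo_reset);
	INIT_DELAYED_WORK(&priv->poll_work, foo_poll);
	return 0;
}
static int foo_remove(struct platform_device *pdev)
{
	struct foo *p = platform_get_drvdata(pdev);
	/* cancel_work_sync(&p->reset_work); forgotten */
	cancel_delayed_work_sync(&p->poll_work);
	return 0;
}
'''

if __name__ == "__main__":
    for name in find_uncancelled_work(SAMPLE):
        print("work item never cancelled:", name)
```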