| Message ID | 20240130124828.14678-17-brgl@bgdev.pl |
|---|---|
| State | New |
| Headers | show |
| Series | gpio: rework locking and object life-time control | expand |
On Tue, Jan 30, 2024 at 1:48 PM Bartosz Golaszewski <brgl@bgdev.pl> wrote: > From: Bartosz Golaszewski <bartosz.golaszewski@linaro.org> > > Checking desc->gdev->chip for NULL without holding it in place with some > serializing mechanism is pointless. Remove this check. Also don't check > desc->gdev for NULL as it can never happen. > > Signed-off-by: Bartosz Golaszewski <bartosz.golaszewski@linaro.org> I don't know if I agree that it is pointless. It will work on any single-CPU system and 99.9% of other cases. On the other hand: what it is supposed to protect against is userspace doing calls to a gpio_device through the character device, while the backing struct gpio_chip is gone (e.g. a GPIO expander on USB, and someone pulled the cable), i.e. it became NULL, and this is why the error message says "backing device is gone". But I want to see where the series is going, maybe you fix this problem in the end, so I can come back and ACK this. Yours, Linus Walleij
On Wed, Jan 31, 2024 at 9:16 PM Linus Walleij <linus.walleij@linaro.org> wrote: > On Tue, Jan 30, 2024 at 1:48 PM Bartosz Golaszewski <brgl@bgdev.pl> wrote: > > > From: Bartosz Golaszewski <bartosz.golaszewski@linaro.org> > > > > Checking desc->gdev->chip for NULL without holding it in place with some > > serializing mechanism is pointless. Remove this check. Also don't check > > desc->gdev for NULL as it can never happen. > > > > Signed-off-by: Bartosz Golaszewski <bartosz.golaszewski@linaro.org> > > I don't know if I agree that it is pointless. It will work on any single-CPU > system and 99.9% of other cases. > > On the other hand: what it is supposed to protect against is userspace > doing calls to a gpio_device through the character device, while the > backing struct gpio_chip is gone (e.g. a GPIO expander on USB, > and someone pulled the cable), i.e. it became NULL, and this is why the > error message says "backing device is gone". > > But I want to see where the series is going, maybe you fix this > problem in the end, so I can come back and ACK this. Aha, it is fixed in patches 19+20. Maybe mention that we add a new protection later in the series in the commit message? Anyway, I get it now! Reviewed-by: Linus Walleij <linus.walleij@linaro.org> Yours, Linus Walleij
diff --git a/drivers/gpio/gpiolib.c b/drivers/gpio/gpiolib.c index ddf7d93f8b76..0cb44578bc72 100644 --- a/drivers/gpio/gpiolib.c +++ b/drivers/gpio/gpiolib.c @@ -2248,19 +2248,12 @@ static int validate_desc(const struct gpio_desc *desc, const char *func) { if (!desc) return 0; + if (IS_ERR(desc)) { pr_warn("%s: invalid GPIO (errorpointer)\n", func); return PTR_ERR(desc); } - if (!desc->gdev) { - pr_warn("%s: invalid GPIO (no device)\n", func); - return -EINVAL; - } - if (!desc->gdev->chip) { - dev_warn(&desc->gdev->dev, - "%s: backing chip is gone\n", func); - return 0; - } + return 1; } @@ -2336,12 +2329,7 @@ static bool gpiod_free_commit(struct gpio_desc *desc) void gpiod_free(struct gpio_desc *desc) { - /* - * We must not use VALIDATE_DESC_VOID() as the underlying gdev->chip - * may already be NULL but we still want to put the references. - */ - if (!desc) - return; + VALIDATE_DESC_VOID(desc); if (!gpiod_free_commit(desc)) WARN_ON(1);