Message ID | 20230811193034.59124-1-brgl@bgdev.pl |
---|---|
State | New |
Headers |
Return-Path: <linux-kernel-owner@vger.kernel.org> Delivered-To: ouuuleilei@gmail.com Received: by 2002:a59:b824:0:b0:3f2:4152:657d with SMTP id z4csp1352263vqi; Fri, 11 Aug 2023 14:01:09 -0700 (PDT) X-Google-Smtp-Source: AGHT+IFERcLx30FrmqjLxatlQIdTU6dV77NkxVAYrzwSJawCXUdXQvmzqgAQBk9C/c6+/WemlafR X-Received: by 2002:a17:906:8471:b0:993:d617:bdc8 with SMTP id hx17-20020a170906847100b00993d617bdc8mr2373279ejc.7.1691787669193; Fri, 11 Aug 2023 14:01:09 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1691787669; cv=none; d=google.com; s=arc-20160816; b=MQod7iuA/n7H9HQSg/rUYmOhjyrMGQdCkao+P0jKJIvjXPaVzNrCVcJTYbpIhbfq+J 9Sc3RjuAlVPvTzGSc6xXjzOv14fLVFUzme4mEVaAiMNJiL0gNFvvA0K42fPU4vTnXRUr Uq1y1775CsuxCZ+8rIn1sohGpspIkvJGGC1xo6dVVFVTT0oXOya7y3cqmtfTfE+WOcRt YpBv9N17/xIIrMnQkmUkyY+WttODEydo/8ZCBc7W5ihy1WKZe2J6w/sIhI73icIuS9oy o0SW3Yi9+IJ5O6R9B8+Vy3dNEtbKMEBMeg/X5mR0dGRxVLsh0oGC6cOi7uJPz2zH25Dj vtig== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :message-id:date:subject:cc:to:from:dkim-signature; bh=nHAG8ZwFEDy1+22mRF7CGDpzGtcaDo1M+JtJ4MZhhsI=; fh=rCqKS5Wgxyvu9nhWEkn7CU+OTiPpAXAWtEe1ogm7zOc=; b=RmRBu+7vKmmbZwzCoDaOZICEcezmhDLPl5b2L29uWr+i+BXigu/4c9Acl8HzhrphQ8 aoW2jyX6pAW5x7m3sM/XE60QAtuJ4LRgvP7OQK0JtGlfnqlOplGttOXsB86vEK7RalD7 hQP3wvKk3auujhNJIuWgvWrni3UQmY0kF4heM8rX792YcwF+gn2lf4pJ6FIlgYF3uqHo F1n4Qn9A/Wk+pInkP0n5vK3nKldx3p9EHB88qGfsTrVs8ZHlHV6b9RRNfW5Fcc5bAtNq pt9Xbdje7Z6X1jjMVGl01U1j/PP5IVxU4VZQlctnY/k5pALGKxQTmPPpAEKReaCp0DpW ID6A== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@bgdev-pl.20221208.gappssmtp.com header.s=20221208 header.b=Isfkv6zL; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id oz2-20020a170906cd0200b0099bd8c1f67csi3915684ejb.499.2023.08.11.14.00.39; Fri, 11 Aug 2023 14:01:09 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@bgdev-pl.20221208.gappssmtp.com header.s=20221208 header.b=Isfkv6zL; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S236294AbjHKTao (ORCPT <rfc822;lanlanxiyiji@gmail.com> + 99 others); Fri, 11 Aug 2023 15:30:44 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:60244 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S234977AbjHKTan (ORCPT <rfc822;linux-kernel@vger.kernel.org>); Fri, 11 Aug 2023 15:30:43 -0400 Received: from mail-wm1-x32d.google.com (mail-wm1-x32d.google.com [IPv6:2a00:1450:4864:20::32d]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id F2FDF30EC for <linux-kernel@vger.kernel.org>; Fri, 11 Aug 2023 12:30:39 -0700 (PDT) Received: by mail-wm1-x32d.google.com with SMTP id 5b1f17b1804b1-3fe1e1142caso21449675e9.0 for <linux-kernel@vger.kernel.org>; Fri, 11 Aug 2023 12:30:39 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=bgdev-pl.20221208.gappssmtp.com; s=20221208; t=1691782238; x=1692387038; h=content-transfer-encoding:mime-version:message-id:date:subject:cc :to:from:from:to:cc:subject:date:message-id:reply-to; bh=nHAG8ZwFEDy1+22mRF7CGDpzGtcaDo1M+JtJ4MZhhsI=; b=Isfkv6zLg3PKRw2CBDcIVio35wCeLiSdiL+Z3RY3FUh4m1FwrSdQUpnYPzQG5cCul9 PDS2APFvIxVb5L0PkvpuEKcVe/D5eI8UIA2eTRTqHBaEV5Ef1ssMIRdLTFNYC3XoSmKs yMDO/dGHH1u0iUrCV0SJD0LBlAxPPu30JArxOjpmfNWk3chdpf9+87UXeIhhx1UJBivw Z/y72iBXdFFSy3w10pa8uVeOVCHxnuX0YBv5qM8pZ7zvoEx0iHRI07mwiVYkgU1FtKJm F/icL0y1B25TMfmJGTkPHegOBp9VIc3e24aBVuEq6mQpA8UyGJN+NOoKngpQMTh9f1XA F1QQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1691782238; x=1692387038; h=content-transfer-encoding:mime-version:message-id:date:subject:cc :to:from:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=nHAG8ZwFEDy1+22mRF7CGDpzGtcaDo1M+JtJ4MZhhsI=; b=aZERCoXEumvMskZqMcJZh5D4MG9tu/jxgBWt4hcIdQdVv/MtD0kKL48HqBvhoXV7u3 70bAwtd27ewrF1ucPSZeGMtE7RMLLzwm5ke6V7Ph/eCQfBiGzru01IEDi10leWIMZYrC oqwkccdcpL5m7BBFuNhBZQppPmNDF518FsKo9/ZJ6VJUn4mUzZMavf5J+94NKVuyryUx 5WOKtUwRp+l0vm8ZQv4Fv8TuBeYwiUIozh7KeSAPpwG0orUO+n9I3z1hhNMlOR2R7tsW Ni+jJrwAW3T1TsNDsA0wiKk3yFUOR4aEE7wu9klQhqKchcI8XpCPJYPhma+vwHfkbGhc Wgtw== X-Gm-Message-State: AOJu0YyJQvaIxb5CAjNnqj/urSdim7iE+AXFfhafEKGtU2dzMopezkt4 3yfF5lg9fZph8piUB/yRlisgmCkyetRWCnem+Fcr9A== X-Received: by 2002:a05:6000:885:b0:315:8f4f:81b8 with SMTP id cs5-20020a056000088500b003158f4f81b8mr2014081wrb.50.1691782238392; Fri, 11 Aug 2023 12:30:38 -0700 (PDT) Received: from brgl-uxlite.home ([2a01:cb1d:334:ac00:d0f3:773f:e87a:3b82]) by smtp.gmail.com with ESMTPSA id i10-20020a5d438a000000b0031760af2331sm6226130wrq.100.2023.08.11.12.30.37 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 11 Aug 2023 12:30:37 -0700 (PDT) From: Bartosz Golaszewski <brgl@bgdev.pl> To: Linus Walleij <linus.walleij@linaro.org>, Andy Shevchenko <andriy.shevchenko@linux.intel.com>, Kent Gibson <warthog618@gmail.com> Cc: linux-gpio@vger.kernel.org, linux-kernel@vger.kernel.org, Bartosz Golaszewski <bartosz.golaszewski@linaro.org> Subject: [PATCH v3] gpiolib: fix reference leaks when removing GPIO chips still in use Date: Fri, 11 Aug 2023 21:30:34 +0200 Message-Id: <20230811193034.59124-1-brgl@bgdev.pl> X-Mailer: git-send-email 2.39.2 MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,RCVD_IN_DNSWL_BLOCKED,SPF_HELO_NONE,SPF_NONE autolearn=unavailable autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: <linux-kernel.vger.kernel.org> X-Mailing-List: linux-kernel@vger.kernel.org X-getmail-retrieved-from-mailbox: INBOX X-GMAIL-THRID: 1773870996374538844 X-GMAIL-MSGID: 1773967947077243382 |
Series |
[v3] gpiolib: fix reference leaks when removing GPIO chips still in use
|
|
Commit Message
Bartosz Golaszewski
Aug. 11, 2023, 7:30 p.m. UTC
From: Bartosz Golaszewski <bartosz.golaszewski@linaro.org> After we remove a GPIO chip that still has some requested descriptors, gpiod_free_commit() will fail and we will never put the references to the GPIO device and the owning module in gpiod_free(). Rework this function to: - not warn on desc == NULL as this is a use-case on which most free functions silently return - put the references to desc->gdev and desc->gdev->owner unconditionally so that the release callback actually gets called when the remaining references are dropped by external GPIO users Signed-off-by: Bartosz Golaszewski <bartosz.golaszewski@linaro.org> --- v1 -> v2: - add a comment about why we can't use VALIDATE_DESC_VOID() v2 -> v3: - we must drop the reference to the owner module before we drop the one to the gpio_device as the latter may be removed if this is the last reference and we'll end up calling module_put() on freed memory drivers/gpio/gpiolib.c | 16 +++++++++++----- 1 file changed, 11 insertions(+), 5 deletions(-)
Comments
On Tue, Aug 15, 2023 at 03:07:50PM +0200, Linus Walleij wrote: > On Tue, Aug 15, 2023 at 2:57 PM Andy Shevchenko > <andriy.shevchenko@linux.intel.com> wrote: > > On Tue, Aug 15, 2023 at 01:40:22PM +0200, Linus Walleij wrote: > > > On Tue, Aug 15, 2023 at 11:50 AM Andy Shevchenko > > > <andriy.shevchenko@linux.intel.com> wrote: > > > > On Fri, Aug 11, 2023 at 09:30:34PM +0200, Bartosz Golaszewski wrote: ... > > > > > + module_put(desc->gdev->owner); > > > > > + gpio_device_put(desc->gdev); > > > > > > > > So, if gdev can be NULL, you will get an Oops with new code. > > > > > > I read it such that gdev->chip can be NULL, but not gdev, > > > and desc->gdev->owner is fine to reference? > > > > Basically the Q is > > "if desc is non-NULL, does it guarantee that gdev is non-NULL either?" > > gdev->desc is assigned in one single spot, which is in > gpiochip_add_data_with_key(): > > for (i = 0; i < gc->ngpio; i++) > gdev->descs[i].gdev = gdev; > > It is never assigned anywhere else, so I guess yes. > > We may also ask if it is ever invalid (i.e. if desc->gdev can point to > junk). > > A gdev turns to junk when its reference count goes down to zero > and gpiodev_release() is called effectively calling kfree() on the > struct gpio_device *. > > But that can only happen as a result of module_put() getting > called, pulling the references down to zero. Which is what we > are discussing. The line after module_put(), desc->gdev > *could* be NULL. Yes. > But then we just call gpio_device_put(desc->gdev) which is > just a call to device_put(), which is NULL-tolerant. But gpio_device_put() does not NULL tolerant. So, oops in this line then.
diff --git a/drivers/gpio/gpiolib.c b/drivers/gpio/gpiolib.c index 251c875b5c34..76e0c38026c3 100644 --- a/drivers/gpio/gpiolib.c +++ b/drivers/gpio/gpiolib.c @@ -2167,12 +2167,18 @@ static bool gpiod_free_commit(struct gpio_desc *desc) void gpiod_free(struct gpio_desc *desc) { - if (desc && desc->gdev && gpiod_free_commit(desc)) { - module_put(desc->gdev->owner); - gpio_device_put(desc->gdev); - } else { + /* + * We must not use VALIDATE_DESC_VOID() as the underlying gdev->chip + * may already be NULL but we still want to put the references. + */ + if (!desc) + return; + + if (!gpiod_free_commit(desc)) WARN_ON(extra_checks); - } + + module_put(desc->gdev->owner); + gpio_device_put(desc->gdev); } /**