| Message ID | 20230811193034.59124-1-brgl@bgdev.pl |
|---|---|
| State | New |
| Headers |
Return-Path: <linux-kernel-owner@vger.kernel.org>
Delivered-To: ouuuleilei@gmail.com
Received: by 2002:a59:b824:0:b0:3f2:4152:657d with SMTP id z4csp1352263vqi;
Fri, 11 Aug 2023 14:01:09 -0700 (PDT)
X-Google-Smtp-Source:
AGHT+IFERcLx30FrmqjLxatlQIdTU6dV77NkxVAYrzwSJawCXUdXQvmzqgAQBk9C/c6+/WemlafR
X-Received: by 2002:a17:906:8471:b0:993:d617:bdc8 with SMTP id
hx17-20020a170906847100b00993d617bdc8mr2373279ejc.7.1691787669193;
Fri, 11 Aug 2023 14:01:09 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1691787669; cv=none;
d=google.com; s=arc-20160816;
b=MQod7iuA/n7H9HQSg/rUYmOhjyrMGQdCkao+P0jKJIvjXPaVzNrCVcJTYbpIhbfq+J
9Sc3RjuAlVPvTzGSc6xXjzOv14fLVFUzme4mEVaAiMNJiL0gNFvvA0K42fPU4vTnXRUr
Uq1y1775CsuxCZ+8rIn1sohGpspIkvJGGC1xo6dVVFVTT0oXOya7y3cqmtfTfE+WOcRt
YpBv9N17/xIIrMnQkmUkyY+WttODEydo/8ZCBc7W5ihy1WKZe2J6w/sIhI73icIuS9oy
o0SW3Yi9+IJ5O6R9B8+Vy3dNEtbKMEBMeg/X5mR0dGRxVLsh0oGC6cOi7uJPz2zH25Dj
vtig==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com;
s=arc-20160816;
h=list-id:precedence:content-transfer-encoding:mime-version
:message-id:date:subject:cc:to:from:dkim-signature;
bh=nHAG8ZwFEDy1+22mRF7CGDpzGtcaDo1M+JtJ4MZhhsI=;
fh=rCqKS5Wgxyvu9nhWEkn7CU+OTiPpAXAWtEe1ogm7zOc=;
b=RmRBu+7vKmmbZwzCoDaOZICEcezmhDLPl5b2L29uWr+i+BXigu/4c9Acl8HzhrphQ8
aoW2jyX6pAW5x7m3sM/XE60QAtuJ4LRgvP7OQK0JtGlfnqlOplGttOXsB86vEK7RalD7
hQP3wvKk3auujhNJIuWgvWrni3UQmY0kF4heM8rX792YcwF+gn2lf4pJ6FIlgYF3uqHo
F1n4Qn9A/Wk+pInkP0n5vK3nKldx3p9EHB88qGfsTrVs8ZHlHV6b9RRNfW5Fcc5bAtNq
pt9Xbdje7Z6X1jjMVGl01U1j/PP5IVxU4VZQlctnY/k5pALGKxQTmPPpAEKReaCp0DpW
ID6A==
ARC-Authentication-Results: i=1; mx.google.com;
dkim=pass header.i=@bgdev-pl.20221208.gappssmtp.com header.s=20221208
header.b=Isfkv6zL;
spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org
designates 2620:137:e000::1:20 as permitted sender)
smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20])
by mx.google.com with ESMTP id
oz2-20020a170906cd0200b0099bd8c1f67csi3915684ejb.499.2023.08.11.14.00.39;
Fri, 11 Aug 2023 14:01:09 -0700 (PDT)
Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org
designates 2620:137:e000::1:20 as permitted sender)
client-ip=2620:137:e000::1:20;
Authentication-Results: mx.google.com;
dkim=pass header.i=@bgdev-pl.20221208.gappssmtp.com header.s=20221208
header.b=Isfkv6zL;
spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org
designates 2620:137:e000::1:20 as permitted sender)
smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
id S236294AbjHKTao (ORCPT <rfc822;lanlanxiyiji@gmail.com>
+ 99 others); Fri, 11 Aug 2023 15:30:44 -0400
Received: from lindbergh.monkeyblade.net ([23.128.96.19]:60244 "EHLO
lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
with ESMTP id S234977AbjHKTan (ORCPT
<rfc822;linux-kernel@vger.kernel.org>);
Fri, 11 Aug 2023 15:30:43 -0400
Received: from mail-wm1-x32d.google.com (mail-wm1-x32d.google.com
[IPv6:2a00:1450:4864:20::32d])
by lindbergh.monkeyblade.net (Postfix) with ESMTPS id F2FDF30EC
for <linux-kernel@vger.kernel.org>;
Fri, 11 Aug 2023 12:30:39 -0700 (PDT)
Received: by mail-wm1-x32d.google.com with SMTP id
5b1f17b1804b1-3fe1e1142caso21449675e9.0
for <linux-kernel@vger.kernel.org>;
Fri, 11 Aug 2023 12:30:39 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=bgdev-pl.20221208.gappssmtp.com; s=20221208; t=1691782238;
x=1692387038;
h=content-transfer-encoding:mime-version:message-id:date:subject:cc
:to:from:from:to:cc:subject:date:message-id:reply-to;
bh=nHAG8ZwFEDy1+22mRF7CGDpzGtcaDo1M+JtJ4MZhhsI=;
b=Isfkv6zLg3PKRw2CBDcIVio35wCeLiSdiL+Z3RY3FUh4m1FwrSdQUpnYPzQG5cCul9
PDS2APFvIxVb5L0PkvpuEKcVe/D5eI8UIA2eTRTqHBaEV5Ef1ssMIRdLTFNYC3XoSmKs
yMDO/dGHH1u0iUrCV0SJD0LBlAxPPu30JArxOjpmfNWk3chdpf9+87UXeIhhx1UJBivw
Z/y72iBXdFFSy3w10pa8uVeOVCHxnuX0YBv5qM8pZ7zvoEx0iHRI07mwiVYkgU1FtKJm
F/icL0y1B25TMfmJGTkPHegOBp9VIc3e24aBVuEq6mQpA8UyGJN+NOoKngpQMTh9f1XA
F1QQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=1e100.net; s=20221208; t=1691782238; x=1692387038;
h=content-transfer-encoding:mime-version:message-id:date:subject:cc
:to:from:x-gm-message-state:from:to:cc:subject:date:message-id
:reply-to;
bh=nHAG8ZwFEDy1+22mRF7CGDpzGtcaDo1M+JtJ4MZhhsI=;
b=aZERCoXEumvMskZqMcJZh5D4MG9tu/jxgBWt4hcIdQdVv/MtD0kKL48HqBvhoXV7u3
70bAwtd27ewrF1ucPSZeGMtE7RMLLzwm5ke6V7Ph/eCQfBiGzru01IEDi10leWIMZYrC
oqwkccdcpL5m7BBFuNhBZQppPmNDF518FsKo9/ZJ6VJUn4mUzZMavf5J+94NKVuyryUx
5WOKtUwRp+l0vm8ZQv4Fv8TuBeYwiUIozh7KeSAPpwG0orUO+n9I3z1hhNMlOR2R7tsW
Ni+jJrwAW3T1TsNDsA0wiKk3yFUOR4aEE7wu9klQhqKchcI8XpCPJYPhma+vwHfkbGhc
Wgtw==
X-Gm-Message-State: AOJu0YyJQvaIxb5CAjNnqj/urSdim7iE+AXFfhafEKGtU2dzMopezkt4
3yfF5lg9fZph8piUB/yRlisgmCkyetRWCnem+Fcr9A==
X-Received: by 2002:a05:6000:885:b0:315:8f4f:81b8 with SMTP id
cs5-20020a056000088500b003158f4f81b8mr2014081wrb.50.1691782238392;
Fri, 11 Aug 2023 12:30:38 -0700 (PDT)
Received: from brgl-uxlite.home ([2a01:cb1d:334:ac00:d0f3:773f:e87a:3b82])
by smtp.gmail.com with ESMTPSA id
i10-20020a5d438a000000b0031760af2331sm6226130wrq.100.2023.08.11.12.30.37
(version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
Fri, 11 Aug 2023 12:30:37 -0700 (PDT)
From: Bartosz Golaszewski <brgl@bgdev.pl>
To: Linus Walleij <linus.walleij@linaro.org>,
Andy Shevchenko <andriy.shevchenko@linux.intel.com>,
Kent Gibson <warthog618@gmail.com>
Cc: linux-gpio@vger.kernel.org, linux-kernel@vger.kernel.org,
Bartosz Golaszewski <bartosz.golaszewski@linaro.org>
Subject: [PATCH v3] gpiolib: fix reference leaks when removing GPIO chips
still in use
Date: Fri, 11 Aug 2023 21:30:34 +0200
Message-Id: <20230811193034.59124-1-brgl@bgdev.pl>
X-Mailer: git-send-email 2.39.2
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00,DKIM_SIGNED,
DKIM_VALID,RCVD_IN_DNSWL_BLOCKED,SPF_HELO_NONE,SPF_NONE
autolearn=unavailable autolearn_force=no version=3.4.6
X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on
lindbergh.monkeyblade.net
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org
X-getmail-retrieved-from-mailbox: INBOX
X-GMAIL-THRID: 1773870996374538844
X-GMAIL-MSGID: 1773967947077243382
|
| Series |
[v3] gpiolib: fix reference leaks when removing GPIO chips still in use
|
|
Commit Message
Bartosz Golaszewski
Aug. 11, 2023, 7:30 p.m. UTC
From: Bartosz Golaszewski <bartosz.golaszewski@linaro.org> After we remove a GPIO chip that still has some requested descriptors, gpiod_free_commit() will fail and we will never put the references to the GPIO device and the owning module in gpiod_free(). Rework this function to: - not warn on desc == NULL as this is a use-case on which most free functions silently return - put the references to desc->gdev and desc->gdev->owner unconditionally so that the release callback actually gets called when the remaining references are dropped by external GPIO users Signed-off-by: Bartosz Golaszewski <bartosz.golaszewski@linaro.org> --- v1 -> v2: - add a comment about why we can't use VALIDATE_DESC_VOID() v2 -> v3: - we must drop the reference to the owner module before we drop the one to the gpio_device as the latter may be removed if this is the last reference and we'll end up calling module_put() on freed memory drivers/gpio/gpiolib.c | 16 +++++++++++----- 1 file changed, 11 insertions(+), 5 deletions(-)
Comments
On Tue, Aug 15, 2023 at 03:07:50PM +0200, Linus Walleij wrote: > On Tue, Aug 15, 2023 at 2:57 PM Andy Shevchenko > <andriy.shevchenko@linux.intel.com> wrote: > > On Tue, Aug 15, 2023 at 01:40:22PM +0200, Linus Walleij wrote: > > > On Tue, Aug 15, 2023 at 11:50 AM Andy Shevchenko > > > <andriy.shevchenko@linux.intel.com> wrote: > > > > On Fri, Aug 11, 2023 at 09:30:34PM +0200, Bartosz Golaszewski wrote: ... > > > > > + module_put(desc->gdev->owner); > > > > > + gpio_device_put(desc->gdev); > > > > > > > > So, if gdev can be NULL, you will get an Oops with new code. > > > > > > I read it such that gdev->chip can be NULL, but not gdev, > > > and desc->gdev->owner is fine to reference? > > > > Basically the Q is > > "if desc is non-NULL, does it guarantee that gdev is non-NULL either?" > > gdev->desc is assigned in one single spot, which is in > gpiochip_add_data_with_key(): > > for (i = 0; i < gc->ngpio; i++) > gdev->descs[i].gdev = gdev; > > It is never assigned anywhere else, so I guess yes. > > We may also ask if it is ever invalid (i.e. if desc->gdev can point to > junk). > > A gdev turns to junk when its reference count goes down to zero > and gpiodev_release() is called effectively calling kfree() on the > struct gpio_device *. > > But that can only happen as a result of module_put() getting > called, pulling the references down to zero. Which is what we > are discussing. The line after module_put(), desc->gdev > *could* be NULL. Yes. > But then we just call gpio_device_put(desc->gdev) which is > just a call to device_put(), which is NULL-tolerant. But gpio_device_put() does not NULL tolerant. So, oops in this line then.
diff --git a/drivers/gpio/gpiolib.c b/drivers/gpio/gpiolib.c index 251c875b5c34..76e0c38026c3 100644 --- a/drivers/gpio/gpiolib.c +++ b/drivers/gpio/gpiolib.c @@ -2167,12 +2167,18 @@ static bool gpiod_free_commit(struct gpio_desc *desc) void gpiod_free(struct gpio_desc *desc) { - if (desc && desc->gdev && gpiod_free_commit(desc)) { - module_put(desc->gdev->owner); - gpio_device_put(desc->gdev); - } else { + /* + * We must not use VALIDATE_DESC_VOID() as the underlying gdev->chip + * may already be NULL but we still want to put the references. + */ + if (!desc) + return; + + if (!gpiod_free_commit(desc)) WARN_ON(extra_checks); - } + + module_put(desc->gdev->owner); + gpio_device_put(desc->gdev); } /**