From: Bartosz Golaszewski <brgl@bgdev.pl>
To: Kent Gibson <warthog618@gmail.com>,
Linus Walleij <linus.walleij@linaro.org>,
Andy Shevchenko <andriy.shevchenko@linux.intel.com>
Cc: linux-gpio@vger.kernel.org, linux-kernel@vger.kernel.org,
Bartosz Golaszewski <bartosz.golaszewski@linaro.org>
Subject: [PATCH v6 0/2] gpiolib: don't allow user-space to crash the kernel with hot-unplugs
Date: Thu, 1 Dec 2022 13:59:26 +0100 [thread overview]
Message-ID: <20221201125928.3031325-1-brgl@bgdev.pl> (raw)
From: Bartosz Golaszewski <bartosz.golaszewski@linaro.org>
This is (hopefully) the final iteration of the changes that aim at fixing
the situation in which the user-space can provoke a NULL-pointer derefence
in the kernel when a GPIO device that's in use by user-space is removed.
v5 -> v6:
- signal an error in poll callbacks instead of returning 0 which would make
the user-space assume a timeout occurred (which could lead to user-space
spinning a timeout loop forever)
v4 -> v5:
- try to acquire the semaphore for reading and bail out of syscall callbacks
immediately in case of lock contention
v3 -> v4:
- use function typedefs to make code cleaner
- add a blank line after down_write()
v2 -> v3:
- drop the helper variable in patch 1/2 as we won't be using it in 2/2
- refactor patch 2/2 to use locking wrappers around the syscall callbacks
v1 -> v2:
- add missing gdev->chip checks in patch 1/2
- add a second patch that protects the structures that can be accessed
by user-space calls against concurrent removal
Bartosz Golaszewski (2):
gpiolib: cdev: fix NULL-pointer dereferences
gpiolib: protect the GPIO device against being dropped while in use by
user-space
drivers/gpio/gpiolib-cdev.c | 193 ++++++++++++++++++++++++++++++++----
drivers/gpio/gpiolib.c | 4 +
drivers/gpio/gpiolib.h | 5 +
3 files changed, 180 insertions(+), 22 deletions(-)
--
2.37.2
next reply other threads:[~2022-12-01 12:59 UTC|newest]
Thread overview: 8+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-12-01 12:59 Bartosz Golaszewski [this message]
2022-12-01 12:59 ` [PATCH v6 1/2] gpiolib: cdev: fix NULL-pointer dereferences Bartosz Golaszewski
2022-12-01 12:59 ` [PATCH v6 2/2] gpiolib: protect the GPIO device against being dropped while in use by user-space Bartosz Golaszewski
2022-12-01 13:00 ` [PATCH v6 0/2] gpiolib: don't allow user-space to crash the kernel with hot-unplugs Bartosz Golaszewski
2022-12-01 13:59 ` Andy Shevchenko
2022-12-01 14:13 ` Bartosz Golaszewski
2022-12-01 15:40 ` Andy Shevchenko
2022-12-01 18:15 ` Bartosz Golaszewski
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20221201125928.3031325-1-brgl@bgdev.pl \
--to=brgl@bgdev.pl \
--cc=andriy.shevchenko@linux.intel.com \
--cc=bartosz.golaszewski@linaro.org \
--cc=linus.walleij@linaro.org \
--cc=linux-gpio@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=warthog618@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.