Re: [PATCH 16/22] gpio: reduce the functionality of validate_desc()
From: Linus Walleij
Date: Wed Jan 31 2024 - 15:19:54 EST
On Wed, Jan 31, 2024 at 9:16 PM Linus Walleij <linus.walleij@linaroorg> wrote:
> On Tue, Jan 30, 2024 at 1:48 PM Bartosz Golaszewski <brgl@xxxxxxxx> wrote:
>
> > From: Bartosz Golaszewski <bartosz.golaszewski@xxxxxxxxxx>
> >
> > Checking desc->gdev->chip for NULL without holding it in place with some
> > serializing mechanism is pointless. Remove this check. Also don't check
> > desc->gdev for NULL as it can never happen.
> >
> > Signed-off-by: Bartosz Golaszewski <bartosz.golaszewski@xxxxxxxxxx>
>
> I don't know if I agree that it is pointless. It will work on any single-CPU
> system and 99.9% of other cases.
>
> On the other hand: what it is supposed to protect against is userspace
> doing calls to a gpio_device through the character device, while the
> backing struct gpio_chip is gone (e.g. a GPIO expander on USB,
> and someone pulled the cable), i.e. it became NULL, and this is why the
> error message says "backing device is gone".
>
> But I want to see where the series is going, maybe you fix this
> problem in the end, so I can come back and ACK this.
Aha, it is fixed in patches 19+20. Maybe mention that we add a new
protection later in the series in the commit message?
Anyway, I get it now!
Reviewed-by: Linus Walleij <linus.walleij@xxxxxxxxxx>
Yours,
Linus Walleij