1. Patchew
  2. linux
  3. View series

[PATCH v3 00/11] gpio: Adopt revocable mechanism for UAF prevention

Tzung-Bi Shih posted 11 patches 1 month, 2 weeks ago 
drivers/gpio/gpiolib-cdev.c                   |  95 ++----
drivers/gpio/gpiolib-cdev.h                   |   2 +-
drivers/gpio/gpiolib-sysfs.c                  |  53 ++-
drivers/gpio/gpiolib-sysfs.h                  |   8 +-
drivers/gpio/gpiolib.c                        | 305 ++++++++----------
drivers/gpio/gpiolib.h                        |  27 +-
tools/testing/selftests/gpio/Makefile         |   5 +-
tools/testing/selftests/gpio/gpio-cdev-uaf.c  | 292 +++++++++++++++++
tools/testing/selftests/gpio/gpio-cdev-uaf.sh |  63 ++++
9 files changed, 541 insertions(+), 309 deletions(-)
create mode 100644 tools/testing/selftests/gpio/gpio-cdev-uaf.c
create mode 100755 tools/testing/selftests/gpio/gpio-cdev-uaf.sh
[PATCH v3 00/11] gpio: Adopt revocable mechanism for UAF prevention
Posted by Tzung-Bi Shih 1 month, 2 weeks ago 
This series transitions the UAF prevention logic within the GPIO core
(gpiolib) to use the 'revocable' mechanism.

The existing code aims to prevent UAF issues when the underlying GPIO
chip is removed.  This series replaces that custom logic with the
generic 'revocable' API, which is designed to handle such lifecycle
dependencies.  There should be no changes in behavior.

The series applies after:
- https://lore.kernel.org/all/20260213092307.858908-1-tzungbi@kernel.org
- https://lore.kernel.org/all/20260205092840.2574840-1-tzungbi@kernel.org

Tzung-Bi Shih (11):
  gpio: Access `gpio_bus_type` in gpiochip_setup_dev()
  gpio: Remove redundant check for struct gpio_chip
  gpio: sysfs: Remove redundant check for struct gpio_chip
  gpio: Ensure struct gpio_chip for gpiochip_setup_dev()
  gpio: cdev: Don't check struct gpio_chip in gpio_chrdev_open()
=> The first 5 patches are refactors.  They try to make the subsequent
   changes easier or at least clear.

  selftests: gpio: Add gpio-cdev-uaf tests
=> The following patch adds kselftest cases for some classic UAF
   scenarios.

  gpio: Add revocable provider handle for struct gpio_chip
  gpio: cdev: Leverage revocable for accessing struct gpio_chip
  gpio: Remove gpio_chip_guard by using revocable
  gpio: Leverage revocable for accessing struct gpio_chip
=> The following 4 patches start to replace the existing code.

  gpio: Remove unused `chip` and `srcu` in struct gpio_device
=> The last patch removes the unused fields for the custom logic as all
   of them should be transiting to revocable.

---
v3:
- Change revocable API usages accordingly.

v2: https://lore.kernel.org/all/20260203061059.975605-1-tzungbi@kernel.org
- Separate fixes patches from v1.  Some of them have been landed.
- Combine small patches into one as they become simpler after applying
  https://lore.kernel.org/all/20260129143733.45618-1-tzungbi@kernel.org.

v1: https://lore.kernel.org/all/20260116081036.352286-1-tzungbi@kernel.org

 drivers/gpio/gpiolib-cdev.c                   |  95 ++----
 drivers/gpio/gpiolib-cdev.h                   |   2 +-
 drivers/gpio/gpiolib-sysfs.c                  |  53 ++-
 drivers/gpio/gpiolib-sysfs.h                  |   8 +-
 drivers/gpio/gpiolib.c                        | 305 ++++++++----------
 drivers/gpio/gpiolib.h                        |  27 +-
 tools/testing/selftests/gpio/Makefile         |   5 +-
 tools/testing/selftests/gpio/gpio-cdev-uaf.c  | 292 +++++++++++++++++
 tools/testing/selftests/gpio/gpio-cdev-uaf.sh |  63 ++++
 9 files changed, 541 insertions(+), 309 deletions(-)
 create mode 100644 tools/testing/selftests/gpio/gpio-cdev-uaf.c
 create mode 100755 tools/testing/selftests/gpio/gpio-cdev-uaf.sh

-- 
2.53.0.310.g728cabbaf7-goog
Re: [PATCH v3 00/11] gpio: Adopt revocable mechanism for UAF prevention
Posted by Bartosz Golaszewski 1 month, 1 week ago 
On Fri, Feb 13, 2026 at 10:31 AM Tzung-Bi Shih <tzungbi@kernel.org> wrote:
>
> This series transitions the UAF prevention logic within the GPIO core
> (gpiolib) to use the 'revocable' mechanism.
>
> The existing code aims to prevent UAF issues when the underlying GPIO
> chip is removed.  This series replaces that custom logic with the
> generic 'revocable' API, which is designed to handle such lifecycle
> dependencies.  There should be no changes in behavior.
>

Patches 1-6 look good to me, I think they should go into linux-next
after v7.0-rc1 is tagged to lessen the burden on the subsequent
revocable work.

Bart
Re: [PATCH v3 00/11] gpio: Adopt revocable mechanism for UAF prevention
Posted by Tzung-Bi Shih 1 month, 1 week ago 
On Wed, Feb 18, 2026 at 11:26:00AM +0100, Bartosz Golaszewski wrote:
> On Fri, Feb 13, 2026 at 10:31 AM Tzung-Bi Shih <tzungbi@kernel.org> wrote:
> >
> > This series transitions the UAF prevention logic within the GPIO core
> > (gpiolib) to use the 'revocable' mechanism.
> >
> > The existing code aims to prevent UAF issues when the underlying GPIO
> > chip is removed.  This series replaces that custom logic with the
> > generic 'revocable' API, which is designed to handle such lifecycle
> > dependencies.  There should be no changes in behavior.
> >
> 
> Patches 1-6 look good to me, I think they should go into linux-next
> after v7.0-rc1 is tagged to lessen the burden on the subsequent
> revocable work.

Separated, rebased to v7.0-rc1, and addressed comments for the first 6
patches:
https://lore.kernel.org/all/20260223061726.82161-1-tzungbi@kernel.org

Patchew 2.1-devel-ea86937

© 2016 - 2026 Red Hat, Inc.