redonkable
/
alistair23-linux
1
0
Fork 0
Code Releases Activity

gpio: gpio-grgpio: fix possible sleep-in-atomic-context bugs in grgpio_remove() 

drivers/gpio/gpiolib-sysfs.c, 796:
	mutex_lock in gpiochip_sysfs_unregister
drivers/gpio/gpiolib.c, 1455:
	gpiochip_sysfs_unregister in gpiochip_remove
drivers/gpio/gpio-grgpio.c, 460:
	gpiochip_remove in grgpio_remove
drivers/gpio/gpio-grgpio.c, 449:
	_raw_spin_lock_irqsave in grgpio_remove

kernel/irq/irqdomain.c, 243:
	mutex_lock in irq_domain_remove
drivers/gpio/gpio-grgpio.c, 463:
	irq_domain_remove in grgpio_remove
drivers/gpio/gpio-grgpio.c, 449:
	_raw_spin_lock_irqsave in grgpio_remove

mutex_lock() can sleep at runtime.

To fix these bugs, the lock is dropped in grgpio_remove(), because there
is no need for locking in remove() callbacks.

These bugs are found by a static analysis tool STCheck written by
myself.

Signed-off-by: Jia-Ju Bai <baijiaju1990@gmail.com>
Link: https://lore.kernel.org/r/20191219131459.18640-1-baijiaju1990@gmail.com
Signed-off-by: Linus Walleij <linus.walleij@linaro.org>
alistair/sensors
Jia-Ju Bai 2019-12-19 21:14:59 +08:00 committed by Linus Walleij
parent 048ae7e8b5
commit 25d071b3f6
1 changed files with 0 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
drivers/gpio/gpio-grgpio.c
View File

@ -437,8 +437,6 @@ static int grgpio_remove(struct platform_device *ofdev)
int i;
int ret = 0;
spin_lock_irqsave(&priv->gc.bgpio_lock, flags);
if (priv->domain) {
for (i = 0; i < GRGPIO_MAX_NGPIO; i++) {
if (priv->uirqs[i].refcnt != 0) {
@ -454,8 +452,6 @@ static int grgpio_remove(struct platform_device *ofdev)
irq_domain_remove(priv->domain);
out:
spin_unlock_irqrestore(&priv->gc.bgpio_lock, flags);
return ret;
}