Re: [PATCH 00/23] gpiolib: Adopt revocable mechanism for UAF prevention

[PATCH 00/23] gpiolib: Adopt revocable mechanism for UAF prevention · Tzung-Bi Shih <tzungbi@kernel.org> · 2026-01-16
[PATCH 01/23] gpiolib: Correct wrong kfree() usage for `kobj->name` · Tzung-Bi Shih <tzungbi@kernel.org> · 2026-01-16
Re: [PATCH 01/23] gpiolib: Correct wrong kfree() usage for `kobj->name` · Bartosz Golaszewski <brgl@kernel.org> · 2026-01-16
Re: [PATCH 01/23] gpiolib: Correct wrong kfree() usage for `kobj->name` · Greg Kroah-Hartman <gregkh@linuxfoundation.org> · 2026-01-16
Re: [PATCH 01/23] gpiolib: Correct wrong kfree() usage for `kobj->name` · Bartosz Golaszewski <brgl@kernel.org> · 2026-01-16
Re: [PATCH 01/23] gpiolib: Correct wrong kfree() usage for `kobj->name` · Tzung-Bi Shih <tzungbi@kernel.org> · 2026-01-20
Re: [PATCH 01/23] gpiolib: Correct wrong kfree() usage for `kobj->name` · Jason Gunthorpe <jgg@nvidia.com> · 2026-01-16
Re: [PATCH 01/23] gpiolib: Correct wrong kfree() usage for `kobj->name` · Bartosz Golaszewski <brgl@kernel.org> · 2026-01-16
Re: [PATCH 01/23] gpiolib: Correct wrong kfree() usage for `kobj->name` · Tzung-Bi Shih <tzungbi@kernel.org> · 2026-01-20
Re: [PATCH 01/23] gpiolib: Correct wrong kfree() usage for `kobj->name` · Bartosz Golaszewski <brgl@kernel.org> · 2026-01-20
[PATCH 02/23] gpiolib: cdev: Fix resource leaks on errors in gpiolib_cdev_register() · Tzung-Bi Shih <tzungbi@kernel.org> · 2026-01-16
Re: [PATCH 02/23] gpiolib: cdev: Fix resource leaks on errors in gpiolib_cdev_register() · Bartosz Golaszewski <brgl@kernel.org> · 2026-01-20
Re: [PATCH 02/23] gpiolib: cdev: Fix resource leaks on errors in gpiolib_cdev_register() · Tzung-Bi Shih <tzungbi@kernel.org> · 2026-01-20
Re: [PATCH 02/23] gpiolib: cdev: Fix resource leaks on errors in gpiolib_cdev_register() · Bartosz Golaszewski <brgl@kernel.org> · 2026-01-20
[PATCH 03/23] gpiolib: Fix resource leaks on errors in gpiochip_add_data_with_key() · Tzung-Bi Shih <tzungbi@kernel.org> · 2026-01-16
[PATCH 04/23] gpiolib: Fix resource leaks on errors in lineinfo_changed_notify() · Tzung-Bi Shih <tzungbi@kernel.org> · 2026-01-16
Re: [PATCH 04/23] gpiolib: Fix resource leaks on errors in lineinfo_changed_notify() · Bartosz Golaszewski <brgl@kernel.org> · 2026-01-16
Re: [PATCH 04/23] gpiolib: Fix resource leaks on errors in lineinfo_changed_notify() · Tzung-Bi Shih <tzungbi@kernel.org> · 2026-01-20
Re: [PATCH 04/23] gpiolib: Fix resource leaks on errors in lineinfo_changed_notify() · Bartosz Golaszewski <brgl@kernel.org> · 2026-01-20
[PATCH 05/23] gpiolib: cdev: Correct return code on memory allocation failure · Tzung-Bi Shih <tzungbi@kernel.org> · 2026-01-16
[PATCH 06/23] gpiolib: Access `gpio_bus_type` in gpiochip_setup_dev() · Tzung-Bi Shih <tzungbi@kernel.org> · 2026-01-16
[PATCH 07/23] gpiolib: Remove redundant check for struct gpio_chip · Tzung-Bi Shih <tzungbi@kernel.org> · 2026-01-16
[PATCH 08/23] gpiolib: sysfs: Remove redundant check for struct gpio_chip · Tzung-Bi Shih <tzungbi@kernel.org> · 2026-01-16
[PATCH 09/23] gpiolib: Ensure struct gpio_chip for gpiochip_setup_dev() · Tzung-Bi Shih <tzungbi@kernel.org> · 2026-01-16
[PATCH 10/23] gpiolib: cdev: Don't check struct gpio_chip in gpio_chrdev_open() · Tzung-Bi Shih <tzungbi@kernel.org> · 2026-01-16
[PATCH 11/23] selftests: gpio: Add gpio-cdev-uaf tests · Tzung-Bi Shih <tzungbi@kernel.org> · 2026-01-16
[PATCH 12/23] gpiolib: Add revocable provider handle for struct gpio_chip · Tzung-Bi Shih <tzungbi@kernel.org> · 2026-01-16
[PATCH 13/23] gpiolib: cdev: Leverage revocable for gpio_fileops · Tzung-Bi Shih <tzungbi@kernel.org> · 2026-01-16
[PATCH 14/23] gpiolib: cdev: Leverage revocable for linehandle_fileops · Tzung-Bi Shih <tzungbi@kernel.org> · 2026-01-16
[PATCH 15/23] gpiolib: cdev: Leverage revocable for line_fileops · Tzung-Bi Shih <tzungbi@kernel.org> · 2026-01-16
[PATCH 16/23] gpiolib: cdev: Leverage revocable for lineevent_fileops · Tzung-Bi Shih <tzungbi@kernel.org> · 2026-01-16
[PATCH 17/23] gpiolib: cdev: Leverage revocable for lineinfo_changed_notify · Tzung-Bi Shih <tzungbi@kernel.org> · 2026-01-16
[PATCH 18/23] gpiolib: Leverage revocable for gpiolib_sops · Tzung-Bi Shih <tzungbi@kernel.org> · 2026-01-16
[PATCH 19/23] revocable: Support to define revocable consumer handle on stack · Tzung-Bi Shih <tzungbi@kernel.org> · 2026-01-16
[PATCH 20/23] revocable: Add Kunit test case for DEFINE_REVOCABLE() · Tzung-Bi Shih <tzungbi@kernel.org> · 2026-01-16
[PATCH 21/23] selftests: revocable: Add test case for DEFINE_REVOCABLE() · Tzung-Bi Shih <tzungbi@kernel.org> · 2026-01-16
[PATCH 22/23] gpiolib: Leverage revocable for other independent lifecycle instances · Tzung-Bi Shih <tzungbi@kernel.org> · 2026-01-16
Re: [PATCH 22/23] gpiolib: Leverage revocable for other independent lifecycle instances · Johan Hovold <johan@kernel.org> · 2026-01-24
Re: [PATCH 22/23] gpiolib: Leverage revocable for other independent lifecycle instances · Johan Hovold <johan@kernel.org> · 2026-01-26
Re: [PATCH 22/23] gpiolib: Leverage revocable for other independent lifecycle instances · Tzung-Bi Shih <tzungbi@kernel.org> · 2026-01-27
[PATCH 23/23] gpiolib: Remove unused `chip` and `srcu` in struct gpio_device · Tzung-Bi Shih <tzungbi@kernel.org> · 2026-01-16
Re: [PATCH 00/23] gpiolib: Adopt revocable mechanism for UAF prevention · Bartosz Golaszewski <brgl@kernel.org> · 2026-01-16
Re: [PATCH 00/23] gpiolib: Adopt revocable mechanism for UAF prevention · Laurent Pinchart <laurent.pinchart@ideasonboard.com> · 2026-01-16
Re: [PATCH 00/23] gpiolib: Adopt revocable mechanism for UAF prevention · Tzung-Bi Shih <tzungbi@kernel.org> · 2026-01-17
Re: [PATCH 00/23] gpiolib: Adopt revocable mechanism for UAF prevention · Bartosz Golaszewski <brgl@kernel.org> · 2026-01-19
Re: [PATCH 00/23] gpiolib: Adopt revocable mechanism for UAF prevention · Tzung-Bi Shih <tzungbi@kernel.org> · 2026-01-21
Re: [PATCH 00/23] gpiolib: Adopt revocable mechanism for UAF prevention · Bartosz Golaszewski <brgl@kernel.org> · 2026-01-21
Re: (subset) [PATCH 00/23] gpiolib: Adopt revocable mechanism for UAF prevention · Bartosz Golaszewski <hidden> · 2026-01-19
Re: (subset) [PATCH 00/23] gpiolib: Adopt revocable mechanism for UAF prevention · Tzung-Bi Shih <tzungbi@kernel.org> · 2026-01-20

From: Bartosz Golaszewski <brgl@kernel.org>
Date: 2026-01-16 10:35:13
Also in: chrome-platform, linux-gpio, linux-kselftest, lkml

On Fri, Jan 16, 2026 at 9:11 AM Tzung-Bi Shih [off-list ref] wrote:

This series transitions the UAF prevention logic within the GPIO core
(gpiolib) to use the 'revocable' mechanism.

The existing code aims to prevent UAF issues when the underlying GPIO
chip is removed.  This series replaces that custom logic with the
generic 'revocable' API, which is designed to handle such lifecycle
dependencies.  There should be no change in behavior.

This series depends on the 'revocable' API, introduced in [1].  Some
build bots may report errors due to undefined symbols related to
'revocable' until the dependency is merged.

Hi Tzung-Bi!

Thank you for doing this and considering my suggestions from LPC. I
haven't looked at the code yet but I quickly tested the series with my
regular test-suites. The good news is: nothing is broken, every test
works fine. The bad news is: there seems to be a significant impact on
performance. With the user-space test-suite from libgpiod (for core C
library - gpiod-test) I'm seeing a consistent 40% impact on
performance. That's not really acceptable. :( I will try to bisect the
series later and see which part exactly breaks it.

I can also help you with user-space testing with libgpiod, if you need
it? Some documentation is available here:
https://libgpiod.readthedocs.io/en/latest/testing.html

[1] https://lore.kernel.org/chrome-platform/20260116080235.350305-1-tzungbi@kernel.org (local)

Tzung-Bi Shih (23):
  gpiolib: Correct wrong kfree() usage for `kobj->name`
  gpiolib: cdev: Fix resource leaks on errors in gpiolib_cdev_register()
  gpiolib: Fix resource leaks on errors in gpiochip_add_data_with_key()
  gpiolib: Fix resource leaks on errors in lineinfo_changed_notify()
  gpiolib: cdev: Correct return code on memory allocation failure

=> The first 5 patches are fixes.  They aren't directly related to the
   replacement, and should be able to apply independently.

Awesome, I'll make them a priority.

  gpiolib: Access `gpio_bus_type` in gpiochip_setup_dev()
  gpiolib: Remove redundant check for struct gpio_chip
  gpiolib: sysfs: Remove redundant check for struct gpio_chip
  gpiolib: Ensure struct gpio_chip for gpiochip_setup_dev()
  gpiolib: cdev: Don't check struct gpio_chip in gpio_chrdev_open()

=> The following 5 patches are refactors.  Makes the subsequent changes
   easier or at least clear.

  selftests: gpio: Add gpio-cdev-uaf tests

=> The following patch adds kselftest cases for some classic UAF
   scenarios.

Thanks, these too look like v7.0 material for me. I'll try to review
these ASAP too.

Bart

`h`	back out one level
`j`	next message in thread
`k`	previous message in thread
`l`	drill in
`Esc`	close help / fold thread tree
`?`	toggle this help