| Message ID | 20221110152500.3032655-1-linux@roeck-us.net (mailing list archive) |
|---|---|
| Headers | show |
| Series | thermal/core: Protect thermal device operations against removal | expand |
On Thu, Nov 10, 2022 at 4:25 PM Guenter Roeck <linux@roeck-us.net> wrote: > > Accesses to thermal zones, and with it to thermal zone device operations, > are still possible after the thermal zone device has been unregistered. > For example, thermal_zone_get_temp() can be called from temp_show() > in thermal_sysfs.c if the sysfs attribute was opened before the thermal > device was unregistered. This is problematic and may result in crashes > since the operations data structure and the underlying code may be gone > when the calls are made. > > The following series solves the problem by protecting accesses to thermal > device operations with the thermal device mutex, and by verifying that the > thermal device is still registered after the mutex has been acquired. > > This was previously sent as RFC/RFT as single patch [1]. The code was reworked > to match thermal subsystem changes made between v6.0 and v6.1, and it was > split into several patches to simplify review. > > [1] https://lore.kernel.org/linux-pm/20221004033936.1047691-1-linux@roeck-us.net/ > > v2: Improved documentation, rearranged code. > No functional changes. See individual patches for details. > > ---------------------------------------------------------------- > Guenter Roeck (9): > thermal/core: Destroy thermal zone device mutex in release function > thermal/core: Delete device under thermal device zone lock > thermal/core: Ensure that thermal device is registered in thermal_zone_get_temp > thermal/core: Move parameter validation from __thermal_zone_get_temp to thermal_zone_get_temp > thermal/core: Introduce locked version of thermal_zone_device_update > thermal/core: Protect hwmon accesses to thermal operations with thermal zone mutex > thermal/core: Protect sysfs accesses to thermal operations with thermal zone mutex > thermal/core: Remove thermal_zone_set_trips() > thermal/core: Protect thermal device operations against thermal device removal > > drivers/thermal/thermal_core.c | 76 +++++++++++++++++++++++-------------- > drivers/thermal/thermal_core.h | 3 +- > drivers/thermal/thermal_helpers.c | 67 +++++++++++++++++++++------------ > drivers/thermal/thermal_hwmon.c | 10 ++++- > drivers/thermal/thermal_sysfs.c | 79 ++++++++++++++++++++++++++++++++------- > 5 files changed, 168 insertions(+), 67 deletions(-) All applied as 6.2 material, thanks!
On Mon, Nov 14, 2022 at 07:06:57PM +0100, Rafael J. Wysocki wrote: > On Thu, Nov 10, 2022 at 4:25 PM Guenter Roeck <linux@roeck-us.net> wrote: > > > > Accesses to thermal zones, and with it to thermal zone device operations, > > are still possible after the thermal zone device has been unregistered. > > For example, thermal_zone_get_temp() can be called from temp_show() > > in thermal_sysfs.c if the sysfs attribute was opened before the thermal > > device was unregistered. This is problematic and may result in crashes > > since the operations data structure and the underlying code may be gone > > when the calls are made. > > > > The following series solves the problem by protecting accesses to thermal > > device operations with the thermal device mutex, and by verifying that the > > thermal device is still registered after the mutex has been acquired. > > > > This was previously sent as RFC/RFT as single patch [1]. The code was reworked > > to match thermal subsystem changes made between v6.0 and v6.1, and it was > > split into several patches to simplify review. > > > > [1] https://lore.kernel.org/linux-pm/20221004033936.1047691-1-linux@roeck-us.net/ > > > > v2: Improved documentation, rearranged code. > > No functional changes. See individual patches for details. > > > > ---------------------------------------------------------------- > > Guenter Roeck (9): > > thermal/core: Destroy thermal zone device mutex in release function > > thermal/core: Delete device under thermal device zone lock > > thermal/core: Ensure that thermal device is registered in thermal_zone_get_temp > > thermal/core: Move parameter validation from __thermal_zone_get_temp to thermal_zone_get_temp > > thermal/core: Introduce locked version of thermal_zone_device_update > > thermal/core: Protect hwmon accesses to thermal operations with thermal zone mutex > > thermal/core: Protect sysfs accesses to thermal operations with thermal zone mutex > > thermal/core: Remove thermal_zone_set_trips() > > thermal/core: Protect thermal device operations against thermal device removal > > > > drivers/thermal/thermal_core.c | 76 +++++++++++++++++++++++-------------- > > drivers/thermal/thermal_core.h | 3 +- > > drivers/thermal/thermal_helpers.c | 67 +++++++++++++++++++++------------ > > drivers/thermal/thermal_hwmon.c | 10 ++++- > > drivers/thermal/thermal_sysfs.c | 79 ++++++++++++++++++++++++++++++++------- > > 5 files changed, 168 insertions(+), 67 deletions(-) > > All applied as 6.2 material, thanks! Thanks a lot! Guenter
Accesses to thermal zones, and with it to thermal zone device operations, are still possible after the thermal zone device has been unregistered. For example, thermal_zone_get_temp() can be called from temp_show() in thermal_sysfs.c if the sysfs attribute was opened before the thermal device was unregistered. This is problematic and may result in crashes since the operations data structure and the underlying code may be gone when the calls are made. The following series solves the problem by protecting accesses to thermal device operations with the thermal device mutex, and by verifying that the thermal device is still registered after the mutex has been acquired. This was previously sent as RFC/RFT as single patch [1]. The code was reworked to match thermal subsystem changes made between v6.0 and v6.1, and it was split into several patches to simplify review. [1] https://lore.kernel.org/linux-pm/20221004033936.1047691-1-linux@roeck-us.net/ v2: Improved documentation, rearranged code. No functional changes. See individual patches for details. ---------------------------------------------------------------- Guenter Roeck (9): thermal/core: Destroy thermal zone device mutex in release function thermal/core: Delete device under thermal device zone lock thermal/core: Ensure that thermal device is registered in thermal_zone_get_temp thermal/core: Move parameter validation from __thermal_zone_get_temp to thermal_zone_get_temp thermal/core: Introduce locked version of thermal_zone_device_update thermal/core: Protect hwmon accesses to thermal operations with thermal zone mutex thermal/core: Protect sysfs accesses to thermal operations with thermal zone mutex thermal/core: Remove thermal_zone_set_trips() thermal/core: Protect thermal device operations against thermal device removal drivers/thermal/thermal_core.c | 76 +++++++++++++++++++++++-------------- drivers/thermal/thermal_core.h | 3 +- drivers/thermal/thermal_helpers.c | 67 +++++++++++++++++++++------------ drivers/thermal/thermal_hwmon.c | 10 ++++- drivers/thermal/thermal_sysfs.c | 79 ++++++++++++++++++++++++++++++++------- 5 files changed, 168 insertions(+), 67 deletions(-)