On Tue, Jan 30, 2024 at 1:48 PM Bartosz Golaszewski <[email protected]> wrote:
> From: Bartosz Golaszewski <[email protected]>
>
> Ensure we cannot crash if the GPIO device gets unregistered (and the
> chip pointer set to NULL) during any of the API calls.
>
> To that end: wait for all users of gdev->chip to exit their read-only
> SRCU critical sections in gpiochip_remove().
>
> For brevity: add a guard class which can be instantiated at the top of
> every function requiring read-only access to the chip pointer and use it
> in all API calls taking a GPIO descriptor as argument. In places where
> we only deal with the GPIO device - use regular guard() helpers and
> rcu_dereference() for chip access. Do the same in API calls taking a
> const pointer to gpio_desc.
>
> Signed-off-by: Bartosz Golaszewski <[email protected]>
The way I read it after this the gpio character device is well protected
against the struct gpio_chip going away, good work!
Reviewed-by: Linus Walleij <[email protected]>
I would perhaps slot in some documentation around
struct gpio_chip_guard explaining how this works and why it is needed.
Yours,
Linus Walleij