Re: refcounting drivers' data structures used in sysfs buffers

From: Dmitry Torokhov
Date: Mon Mar 12 2007 - 11:43:21 EST


On 3/12/07, Oliver Neukum <oneukum@xxxxxxx> wrote:
Am Montag, 12. März 2007 15:57 schrieb Alan Stern:probably nece
> On Mon, 12 Mar 2007, Oliver Neukum wrote:
>
> > > > Why? What's wrong with simply calling kref_get/put?
> > >
> > > It's the same old problem: the race between unbind and sysfs I/O. What
> > > good does holding a reference to the private data structure do if the
> > > show/store method gets called after the driver has been unbound from the
> > > device? dev_get_drvdata() will no longer provide a valid pointer to the
> > > private data, so the method will have no way to access it. Hence the
> > > method needs another argument.
> >
> > It does half the job. You can make sure the driver is not asked to access
> > freed memory.
> > It is true that a driver will have to mark that device "disconnected"
> > and return errors if that device's attributes are referenced, but this can
> > be done internally.
>
> No, you're missing the point. Let's say driver A's disconnect() is
> called, so the driver marks its private data structure as "disconnected"
> and does dev_set_drvdata(NULL). Then driver B is probed and bound to the
> device, and it does its own dev_set_drvdata(). Then a user still holding
> an open sysfs file reference for driver A calls a show() or store()
> method. The method will do dev_get_drvdata(), receiving the pointer to
> driver B's private data. Now you're in trouble, because A's method will
> think it owns B's private data!

Yes, I was missing the point. In consequence, drivers must not use
dev_get_drvdata() to get their references to their private data. It's
probably necessary to store it in struct sysfs_buffer and include that
in the store/show callbacks.
(The same does apply to interfaces of course)


Or drivers coudl verify that they still bound to the device they are
about to operate on (psmouse does this by taking a lock on device and
then checking if driver bound is the same address as psmouse). But I'd
rather get rid of all this clutter if we could sever sysfs access
after removing corresponding attributes.

--
Dmitry
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/