Description
Recently there have been several talks about issues with object ownership in device drivers, use-after-free bugs and problems with handling hot unplug events in certain subsystems.
First, Laurent Pinchart revisited an older discussion about the harmful side-effects of devres helpers during LPC 2022[1]. I then went down that rabbit hole only to discover a whole suite of issues, not really linked to devres in any way but rather mostly caused by the way subsystems and drivers mix reference-counted resources with regular ones[2]. This year Wolfram Sang continued the research and presented even more vulnerable subsystems as well as some potential remedies during his talk at EOSS 2023 in Prague[3].
I have since experimented with several approaches and would like to present some updates on this subject. During this talk I plan to jump straight into presenting concrete ideas and timelines for improving the driver model and introducing some unification in the way subsystems handle driver data. While this is a significant effort spanning multiple device subsystems that will need to be carried out in many phases over what will most likely be years, without addressing the problems, we'll be left with many parts of the kernel not being able to correctly handle simple driver unbinds.
[1] https://lpc.events/event/16/contributions/1227/
[2] https://fosdem.org/2023/schedule/event/devm_kzalloc/
[3] https://eoss2023.sched.com/event/1LcPP/subsystems-with-object-lifetime-issues-in-the-embedded-case-wolfram-sang-sang-engineering-renesas