Re: [PATCH] hwmon: (max6620) Add locking to avoid TOCTOU

[Guenter Roeck]

On 11/28/25 09:59, Gui-Dong Han wrote:
> On Sat, Nov 29, 2025 at 12:34 AM Guenter Roeck <linux@xxxxxxxxxxxx> wrote:
> > On Fri, Nov 28, 2025 at 08:43:51PM +0800, Gui-Dong Han wrote:
> > > The function max6620_read checks shared data (tach and target) for zero
> > > before passing it to max6620_fan_tach_to_rpm, which uses it as a divisor.
> > > These accesses are currently lockless. If the data changes to zero
> > > between the check and the division, it causes a divide-by-zero error.
> > >
> > > Explicitly acquire the update lock around these checks and calculations
> > > to ensure the data remains stable, preventing Time-of-Check to
> > > Time-of-Use (TOCTOU) race conditions.
> > >
> > > This change also aligns the locking behavior with the hwmon_fan_alarm
> > > case, which already uses the update lock.
> > >
> > > Link: https://lore.kernel.org/all/CALbr=LYJ_ehtp53HXEVkSpYoub+XYSTU8Rg=o1xxMJ8=5z8B-g@xxxxxxxxxxxxxx/
> > > Fixes: e8ac01e5db32 ("hwmon: Add Maxim MAX6620 hardware monitoring driver")
> > > Cc: stable@xxxxxxxxxxxxxxx
> > > Signed-off-by: Gui-Dong Han <hanguidong02@xxxxxxxxx>
> > > ---
> > > Based on the discussion in the link, I will submit a series of patches to
> > > address TOCTOU issues in the hwmon subsystem by converting macros to
> > > functions or adjusting locking where appropriate.
> >
> > This patch is not necessary. The driver registers with the hwmon subsystem
> > using devm_hwmon_device_register_with_info(). That means the hwmon subsystem
> > handles the necessary locking. On top of that, removing the existing driver
> > internal locking code is queued for v6.19.
>
> Hi Guenter,
>
> Thanks for the information. I missed the new hwmon subsystem locking
> implementation earlier as it wasn't present in v6.17.9. I have since
> studied the code in v6.18-rc, and it looks like an excellent
> improvement. I will focus exclusively on drivers not using
> devm_hwmon_device_register_with_info() going forward.
>
> In our previous discussion, you also suggested adding a note to
> submitting-patches.rst about "avoiding calculations in macros" to
> explicitly explain the risk of race conditions. Is this something you
> would still like to see added? If so, I would be happy to prepare a
> patch.

Yes, that would be great. Thanks!

Guenter