Re: [PATCH 3/8] char: misc: Introduce misc_sync_register()

From: Tzung-Bi Shih

Date: Fri May 08 2026 - 05:39:32 EST


On Tue, Apr 28, 2026 at 01:09:56PM -0300, Jason Gunthorpe wrote:
> On Mon, Apr 27, 2026 at 09:46:54PM +0800, Tzung-Bi Shih wrote:
> > Introduce misc_sync_register() to support synchronous file operations
> > for misc devices. This aims to prevent Use-After-Free errors when a
> > device is deregistered while file operations are still in progress or
> > files are open.
> >
> > It creates a synchronization context that wraps supported file
> > operations and ensures the device is still registered before invoking
> > the file operations.
> >
> > The minor number is deferred from being freed immediately on
> > deregistration and is used as a primary key to search for the
> > synchronization context in `misc_sync_ctx_list` after the device is
> > unregistered.
> >
> > Performance impact:
> > - All file operations are serialized by a global lock.
> > - All file operations perform a linear search to find the corresponding
> > miscdevice.
>
> This doesn't seem like a serious proposal, this is too much
> performance cost.

Thank you for the feedback. I understand your concerns about the performance
cost, particularly regarding the global lock and linear search.

This is indeed a serious proposal, and I've dedicated time to developing and
testing it. Our primary goal is to address a real-world UAF issue we've
encountered on our platforms by integrating a solution upstream, whether it
uses the revocable mechanism [1] or not, rather than carrying downstream patches.

I see this as the cost for synchronizing file operations with misc driver
registration, as previously mentioned in [2], which I believe is necessary
to prevent the race conditions. I'm open to discussing potential
optimizations or alternative approaches if you have suggestions.

[1] https://lore.kernel.org/all/20260427135841.96266-10-tzungbi@xxxxxxxxxx
[2] https://lore.kernel.org/all/aTvTLpFmyVxanvYC@xxxxxxxxxx
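
The scheme described in the quoted commit message, as a simplified userspace C model added here for illustration (not the patch's code and not part of this message). Only misc_sync_ctx_list is a name from the thread; the struct, the model_* functions, demo_ioctl and the -ENODEV return value are assumptions.

```c
/* Userspace model with constructed names; only misc_sync_ctx_list is from
 * the patch description. -ENODEV as the failure code is an assumption. */
#include <errno.h>
#include <pthread.h>

struct sync_ctx {
    int minor;                 /* lookup key, stays valid after deregister */
    int registered;            /* cleared under the lock on deregister */
    long (*ioctl)(void *drvdata, unsigned int cmd);
    void *drvdata;             /* driver state the op dereferences */
    struct sync_ctx *next;
};

static struct sync_ctx *misc_sync_ctx_list;
static pthread_mutex_t sync_lock = PTHREAD_MUTEX_INITIALIZER; /* global */

void model_register(struct sync_ctx *ctx)
{
    pthread_mutex_lock(&sync_lock);
    ctx->registered = 1;
    ctx->next = misc_sync_ctx_list;
    misc_sync_ctx_list = ctx;
    pthread_mutex_unlock(&sync_lock);
}

/* Once this returns, no wrapped op is running or can start again. */
void model_deregister(struct sync_ctx *ctx)
{
    pthread_mutex_lock(&sync_lock);
    ctx->registered = 0;       /* ctx stays listed so open files resolve */
    pthread_mutex_unlock(&sync_lock);
}

/* Wrapper called in place of the driver's ioctl for an open file. */
long model_sync_ioctl(int minor, unsigned int cmd)
{
    long ret = -ENODEV;
    struct sync_ctx *c;
    pthread_mutex_lock(&sync_lock);              /* serializes all ops */
    for (c = misc_sync_ctx_list; c; c = c->next) /* linear search */
        if (c->minor == minor)
            break;
    if (c && c->registered)
        ret = c->ioctl(c->drvdata, cmd);         /* op runs under lock */
    pthread_mutex_unlock(&sync_lock);
    return ret;
}

/* Constructed driver op: dereferences driver state, as a real op would. */
long demo_ioctl(void *drvdata, unsigned int cmd) { return *(int *)drvdata + (long)cmd; }
```

In this model the driver op runs inside the global lock, so model_deregister() cannot return while any op is in flight; that closes the use-after-free window and is also why every op on every device contends on one lock and pays for the list walk.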