lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Wed, 29 Apr 2015 21:24:56 +0200
From:	Michal Suchanek <hramrach@...il.com>
To:	Geert Uytterhoeven <geert@...ux-m68k.org>
Cc:	Mark Brown <broonie@...nel.org>,
	"Eric D." <eric.dillmann@...il.com>,
	linux-sunxi <linux-sunxi@...glegroups.com>,
	Jonathan Corbet <corbet@....net>,
	Hans de Goede <hdegoede@...hat.com>,
	Linux Kernel Mailing List <linux-kernel@...r.kernel.org>,
	Maxime Ripard <maxime.ripard@...e-electrons.com>,
	linux-spi <linux-spi@...r.kernel.org>,
	Martin Sperl <kernel@...tin.sperl.org>
Subject: Re: [linux-sunxi] [PATCH 2/3] spidev: Add DT binding example.

On 29 April 2015 at 20:56, Geert Uytterhoeven <geert@...ux-m68k.org> wrote:
> On Wed, Apr 29, 2015 at 8:37 PM, Michal Suchanek <hramrach@...il.com> wrote:
>> I am using a version of Maxime's patch myself right now. It does not
>> seem it's going to be include in the kernel any time soon, however.
>>
>> FWIW I added the ability to open any CS, even those claimed by kernel
>> drivers. This addresses any potential race of spidev binding before
>> the actual driver but has the potential to introduce some subtle bugs
>> when you open and reconfigure a CS used by a kernel driver or send
>> some commands that upset the device.
>
> Uh, that sounds dangerous.
>
> Perhaps you can add some safety net, before user space can access
> them, cfr. /sys/class/gpio/export?
>

That's what accessing random devices from userspace is. I can issue
the identify commead to my SPI flash allright since it is idle.

I am not sure of its protocol details but I am quite sure that some
displays have data transfers that allow pauses so if I sent a command
during a screen update it would likely get inserted into the
framebuffer bitstream. And changing CS polarity or something like that
will certainly have interesting results.

Still not binding spidev to busy CS is just one test that can be
compiled in as an option. If things stay this simple I don't see much
problem with that.

Thanks

Michal
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ