Date:	Tue, 5 May 2015 16:08:49 +0000
From:	Jose Rivera <German.Rivera@...escale.com>
To:	Dan Carpenter <dan.carpenter@...cle.com>
CC:	"devel@...verdev.osuosl.org" <devel@...verdev.osuosl.org>,
	"agraf@...e.de" <agraf@...e.de>, "arnd@...db.de" <arnd@...db.de>,
	"bhupesh.sharma@...escale.com" <bhupesh.sharma@...escale.com>,
	"gregkh@...uxfoundation.org" <gregkh@...uxfoundation.org>,
	"linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
	Stuart Yoder <stuart.yoder@...escale.com>,
	Scott Wood <scottwood@...escale.com>,
	"nir.erez@...escale.com" <nir.erez@...escale.com>,
	"itai.katz@...escale.com" <itai.katz@...escale.com>,
	"bhamciu1@...escale.com" <bhamciu1@...escale.com>,
	"R89243@...escale.com" <R89243@...escale.com>,
	Richard Schmitt <richard.schmitt@...escale.com>
Subject: RE: [PATCH 1/7] staging: fsl-mc: MC bus IRQ support



> -----Original Message-----
> From: Dan Carpenter [mailto:dan.carpenter@...cle.com]
> Sent: Tuesday, May 05, 2015 3:49 AM
> To: Rivera Jose-B46482
> Cc: devel@...verdev.osuosl.org; agraf@...e.de; arnd@...db.de; Sharma
> Bhupesh-B45370; gregkh@...uxfoundation.org; linux-kernel@...r.kernel.org;
> Yoder Stuart-B08248; Wood Scott-B07421; Erez Nir-RM30794; katz Itai-
> RM05202; Hamciuc Bogdan-BHAMCIU1; Marginean Alexandru-R89243; Schmitt
> Richard-B43082
> Subject: Re: [PATCH 1/7] staging: fsl-mc: MC bus IRQ support
> 
> On Mon, May 04, 2015 at 10:09:08PM +0000, Jose Rivera wrote:
> > > > +		WARN_ON((int16_t)irq_count < 0);
> > >
> > > This code is doing
> > > "WARN_ON(test_bit(15, (unsigned long *)&irq_count));".
> > > That seems like nonsense.  Anyway, just delete the WARN_ON().
> > >
> > I disagree. This WARN_ON is checking that irq_count is in the expected
> > range (it fits in int16_t as a positive number). The
> > dprc_scan_objects() function expects irq_count to be of type "unsigned
> > int" (which is 32-bit unsigned)
> >
> 
> You're not allowed to disagree because it's a testable thing and not an
> opinion about style or something.  :P  What you want is:
> 
> 	WARN_ON(irq_count > SHRT_MAX);
> 
I see your point now. The check "(int16_t)irq_count < 0" will not be able
to catch 0x10000 > 0x7fff, but "irq_count > SHRT_MAX" will. So I'll
make the suggested change, but I would prefer to use S16_MAX rather than
SHRT_MAX.

> > > > +
> > > > +		if ((int16_t)irq_count >
> > > > +			mc_bus-
> >resource_pools[FSL_MC_POOL_IRQ].max_count) {
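Review bot: in the "if", the (int16_t) cast turns any irq_count from 0x8000 to 0xffff into a negative number, so the comparison against resource_pools[FSL_MC_POOL_IRQ].max_count is false for exactly the oversized counts it should flag, and counts above 0xffff are compared by their low 16 bits only. Compare the untruncated irq_count against max_count and keep the range check as its own statement.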
> > >
> > > Why are we casting this?  Also can you align it like:
> > >
> > This casting is done for safety, to prevent the comparison to be done
> > in "unsigned int" due to integer promotion rules.
> 
> We are truncating away the top bytes but then we use them later.
> Fortunately we use them only to print out a warning, but if we used them
> for anything else it would be a serious bug.
> 
> Are you expecting .max_count to be negative?
> 
No.

> If not then both sides are positive and type promotion is fine.  We can
> delete the first (buggy) warning, like I said and just leave the second
> warning.  It will now complain if any of bits 16 to 31 are set where
> before it wouldn't.
> 
Agreed. I'll remove the (int16_t) type cast from the "if". So, I'll change
this code snippet to be like this:

		WARN_ON(irq_count > S16_MAX);

		if (irq_count >
		    mc_bus->resource_pools[FSL_MC_POOL_IRQ].max_count)
			dev_warn(...);


Although the WARN_ON seems redundant with the "if", it catches a different
problem. The WARN_ON() catches irq_count to be out of range, the "if"
tells when we run out of IRQ resources for a valid irq_count.

> > > to read what "goto error;" does.  The error handling here calls
> > > devm_kfree() which is not needed...  devm_ functions automatically
> > > clean up after themselves.  This seems a pattern throughout.  Do a
> > > search for
> > > devm_free() and see which ones are really needed or not.
> > >
> > I know that memory allocated with devm_kzalloc() is freed at the end
> > of the lifetime of the device it is attached to. However, in error
> > paths, why wait until the device is destroyed? Why not free the memory
> > earlier so that it can be used for other purposes?
> 
Why then does the devm_kfree() function exist?

I will not remove the devm_free() calls unless the upstream maintainer
requires me to do so.

> My understanding is that devm_ functions are supposed to be used in the
> probe() functions to simplify the error handling.  So hopefully the
> device lifetime ends as soon as this function returns a failure.
> 
> devm_ function are not a use them everywhere because now the kernel has
> garbage collection type thing.
> 
> regards,
> dan carpenter
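
The truncation issue discussed in this message, as an added user-space example that is not part of the original thread or the fsl-mc driver: it runs the cast-based checks and the untruncated checks over constructed values around the 16-bit boundary. The function names, EX_S16_MAX, the sample values, the pool size of 16 and the "int" type of max_count are assumptions made for the illustration.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

#define EX_S16_MAX 0x7fff	/* stand-in for the kernel's S16_MAX */

/* Check from the patch: the cast keeps the low 16 bits, so only bit 15 is
 * tested (gcc and clang wrap modulo 2^16 on this conversion). */
static bool cast_range_check(unsigned int irq_count) { return (int16_t)irq_count < 0; }

/* Check agreed on in the thread: compares the full 32-bit value. */
static bool full_range_check(unsigned int irq_count) { return irq_count > EX_S16_MAX; }

/* Pool comparison from the patch; max_count's type (int) is an assumption. */
static bool cast_pool_check(unsigned int irq_count, int max_count)
{ return (int16_t)irq_count > max_count; }

/* Pool comparison without the cast; max_count is never negative here. */
static bool full_pool_check(unsigned int irq_count, int max_count)
{ return irq_count > (unsigned int)max_count; }

/* Constructed sample values around the 16-bit boundary. */
static const unsigned int samples[] = {
	0, 5, 0x7fff, 0x8000, 0xffff, 0x10000, 0x10001, 0xffff7fff,
};
#define NSAMPLES (sizeof(samples) / sizeof(samples[0]))

/* Count out-of-range samples that the cast-based range check lets through. */
static unsigned int missed_by_cast_check(void)
{
	unsigned int i, missed = 0;

	for (i = 0; i < NSAMPLES; i++)
		if (full_range_check(samples[i]) && !cast_range_check(samples[i]))
			missed++;
	return missed;
}

int main(void)
{
	for (unsigned int i = 0; i < NSAMPLES; i++)
		printf("%#10x range: cast=%d full=%d  pool(16): cast=%d full=%d\n",
		       samples[i], cast_range_check(samples[i]),
		       full_range_check(samples[i]),
		       cast_pool_check(samples[i], 16), full_pool_check(samples[i], 16));
	printf("out-of-range values missed by the cast check: %u\n",
	       missed_by_cast_check());
	return 0;
}
```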
