| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 30 Nov 2010 00:11:42 +0100 (CET) From: Guennadi Liakhovetski <g.liakhovetski@....de> To: Greg KH <greg@...ah.com> cc: Jonathan Corbet <corbet@....net>, linux-kernel@...r.kernel.org Subject: Re: [PATCH/RFC] core: add a function to safely try to get device driver owner On Mon, 29 Nov 2010, Greg KH wrote: > On Mon, Nov 29, 2010 at 11:10:50PM +0100, Guennadi Liakhovetski wrote: > > On Mon, 29 Nov 2010, Greg KH wrote: > > > > > On Mon, Nov 29, 2010 at 09:54:10PM +0100, Guennadi Liakhovetski wrote: > > > > Hi Jon > > > > > > > > On Mon, 29 Nov 2010, Jonathan Corbet wrote: > > > > > > > > > On Mon, 29 Nov 2010 20:43:28 +0100 (CET) > > > > > Guennadi Liakhovetski <g.liakhovetski@....de> wrote: > > > > > > > > > > > When two drivers interoperate without an explicit dependency, it is often > > > > > > required to prevent one of them from being unloaded safely by dereferencing > > > > > > dev->driver->owner. This patch provides a generic function to do this in a > > > > > > race-free way. > > > > > > > > > > I must ask: why not, instead, make the dependency explicit? In > > > > > particular, this looks like an application for the proposed media > > > > > controller code, which is meant to model the connections between otherwise > > > > > independent devices. The fact that your example comes from V4L2 (which is > > > > > the current domain of the media controller) also argues that way. > > > > > > > > Sorry, don't see a good way to do this. This function is for a general > > > > dependency, where you don't have that driver, we are checking for register > > > > with us, so, the only way to get to it is via dev->driver->owner. > > > > > > Wait, what? The device is already bound to a driver, right, so why > > > would you care about "locking" the module into memory? What could this > > > possibly be used for? > > > > To protect against rmmod -> driver_unregister -> dev->driver = NULL? > > But again, why would some other driver ever care about what some random > dev->driver would be? It's not a random one, call it a "companion device." > > > > > And I also don't want to move registering the device into the > > > > dependant driver and then wait (with a timeout) for a driver to probe > > > > with it... I just want to verify, whether a driver has attached to > > > > that device and whether I can lock it down. > > > > > > Who cares if a driver is attached to any device? And again, why would > > > you want to "lock it down"? > > > > In my case I have two platform devices: CEU and CSI2. In some cases (with > > parallel sensors) CEU operates on its own. With serial (CSI-2) camera > > sensors we need the CSI2 driver. So, I want to > > try_module_get(csi2_dev->driver->owner) the CSI2 driver from my CEU > > driver. This call can Oops if not done safely. Am I missing something? Is > > there an easier way to achieve the same? > > Yes, from userspace load the module and then don't worry about it. Right, but I have to prevent the user-space from unloading it again. > Don't ever think that poking around in a dev->driver field is safe at > all, it isn't. I should just go hide the thing from the rest of the > kernel to keep this from happening, now that you mention it... Exactly, that's why I'm proposing it for dd.c;) Thanks Guennadi --- Guennadi Liakhovetski, Ph.D. Freelance Open-Source Software Developer http://www.open-technology.de/ -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists