lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:	Tue, 26 Aug 2014 10:49:24 +0200
From:	Thierry Reding <>
To:	Grant Likely <>
Cc:	Jon Loeliger <>, Mark Rutland <>,
	Alexander Holler <>,
	"" <>,
	"" <>,
	Russell King <>,
	Greg Kroah-Hartman <>,
	Rob Herring <>,
	Arnd Bergmann <>,
Subject: Re: [RFC PATCH 0/9] dt: dependencies (for deterministic driver
 initialization order based on the DT)

On Tue, Aug 26, 2014 at 09:42:08AM +0100, Grant Likely wrote:
> On Mon, 25 Aug 2014 15:37:16 +0200, Thierry Reding <> wrote:
> > There are somewhat standardized bindings for the above and especially
> > for bindings of the type that clocks implement this is trivial. We can
> > simply iterate over each (phandle, specifier) tuple and check that the
> > corresponding clock provider can be resolved (which typically means that
> > it's been registered with the common clock framework).
> > 
> > For regulators (and regulator-like bindings) the problem is somewhat
> > more difficult because they property names are not standardized. One way
> > to solve this would be to look for property names with a -supply suffix,
> > but that could obviously lead to false positives. One alternative that I
> > think could eliminate this would be to explicitly list dependencies in
> > drivers. This would allow core code to step through such a list and
> > resolve the (phandle, specifier) tuples.
> False positives and negatives may not actually be a problem. It is
> suboptimal, certainly, but it shouldn't outright break the kernel.

There could be cases where some random integer in a cell could be
interpreted as a phandle and resolve to a struct device_node. I suppose
it might be unlikely, but not impossible, that the device_node could
even match a device in the correct subsystem and you'd get a wrong
dependency. Granted, a wrong dependency may not be catastrophic in that
it won't lead to a crash, but it could lead to various kinds of
weirdness and hard to diagnose problems.


Content of type "application/pgp-signature" skipped

Powered by blists - more mailing lists