lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Tue, 2 Feb 2016 16:13:53 -0700
From:	Jason Gunthorpe <jgunthorpe@...idianresearch.com>
To:	Jarkko Sakkinen <jarkko.sakkinen@...ux.intel.com>
Cc:	Peter Huewe <peterhuewe@....de>, stable@...r.kernel.org,
	tpmdd-devel@...ts.sourceforge.net, linux-kernel@...r.kernel.org
Subject: Re: [tpmdd-devel] [PATCH] tpm: fix rollback/cleanup before
 tpm_chip_register()

On Sat, Jan 30, 2016 at 06:05:42PM -0800, Jarkko Sakkinen wrote:
> The release-callback is not used before the device is attached to the
> device hierarchy. This caused resources not to cleanup properly if the
> device driver initialization failed before tpm_chip_register().

This commentary is not right, the release callback is callable
immediately after device_initialize returns, it will be called by the
last put_device().

> - * tpmm_chip_alloc() - allocate a new struct tpm_chip instance
> - * @dev: device to which the chip is associated
> + * tpmm_chip_alloc() - allocate and initialize a TPM chip
> + * @pdev: the platform device who is the parent of the chip

? A platform device is not required, just something in a state that
can handle devm.

> +	/* Associate character device with the platform device only after
> +	 * it is properly initialized.
> +	 */
> +	dev_set_drvdata(pdev, chip);
> +	devm_add_action(pdev, (void (*)(void *)) tpm_dev_release,
> &chip->dev);

No, a release function can never be called naked. The action needs
to do put_device, which is the error unwind for device_initialize().

> @@ -162,7 +165,10 @@ static int tpm_add_char_device(struct tpm_chip *chip)
>  			MINOR(chip->dev.devt), rc);
>  
>  		cdev_del(&chip->cdev);
> -		return rc;
> +	} else {
> +		devm_remove_action(chip->dev.parent,
> +				   (void (*)(void *)) tpm_dev_release,
> +				   &chip->dev);

This is in the wrong place, the devm should be canceled only if
tpm_chip_register returns success, at that point the caller's contract
is to guarentee a call to tpm_chip_unregister, and
tpm_chip_unregister does the put_device that calls the release
function.

Jason

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ