lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20160203160235.GA15567@intel.com>
Date:	Wed, 3 Feb 2016 08:02:35 -0800
From:	Jarkko Sakkinen <jarkko.sakkinen@...ux.intel.com>
To:	Jason Gunthorpe <jgunthorpe@...idianresearch.com>
Cc:	Peter Huewe <peterhuewe@....de>, stable@...r.kernel.org,
	tpmdd-devel@...ts.sourceforge.net, linux-kernel@...r.kernel.org
Subject: Re: [tpmdd-devel] [PATCH] tpm: fix rollback/cleanup before
 tpm_chip_register()

On Tue, Feb 02, 2016 at 04:13:53PM -0700, Jason Gunthorpe wrote:
> On Sat, Jan 30, 2016 at 06:05:42PM -0800, Jarkko Sakkinen wrote:
> > The release-callback is not used before the device is attached to the
> > device hierarchy. This caused resources not to cleanup properly if the
> > device driver initialization failed before tpm_chip_register().
> 
> This commentary is not right, the release callback is callable
> immediately after device_initialize returns, it will be called by the
> last put_device().

Ah, right.

> > - * tpmm_chip_alloc() - allocate a new struct tpm_chip instance
> > - * @dev: device to which the chip is associated
> > + * tpmm_chip_alloc() - allocate and initialize a TPM chip
> > + * @pdev: the platform device who is the parent of the chip
> 
> ? A platform device is not required, just something in a state that
> can handle devm.

Platform device in a generic sense like like ACPI or PNP device or
something else. How would you call it instead? I want to call the
parameter something else than 'dev' solely for readability.

Would s/the platform device/the parent device/ be better?

> > +	/* Associate character device with the platform device only after
> > +	 * it is properly initialized.
> > +	 */
> > +	dev_set_drvdata(pdev, chip);
> > +	devm_add_action(pdev, (void (*)(void *)) tpm_dev_release,
> > &chip->dev);
> 
> No, a release function can never be called naked. The action needs
> to do put_device, which is the error unwind for device_initialize().

Got it (already from your first comment)!

What does "called naked" even mean? I just don't understand the
english here and want to be sure that I understand what you are saying
and not make false assumptions.


> > @@ -162,7 +165,10 @@ static int tpm_add_char_device(struct tpm_chip *chip)
> >  			MINOR(chip->dev.devt), rc);
> >  
> >  		cdev_del(&chip->cdev);
> > -		return rc;
> > +	} else {
> > +		devm_remove_action(chip->dev.parent,
> > +				   (void (*)(void *)) tpm_dev_release,
> > +				   &chip->dev);
> 
> This is in the wrong place, the devm should be canceled only if
> tpm_chip_register returns success, at that point the caller's contract
> is to guarentee a call to tpm_chip_unregister, and
> tpm_chip_unregister does the put_device that calls the release
> function.

rc == 0 at that point i.e. success. I don't see the problem here.

> Jason

/Jarkko

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ