lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20160208161542.GF7265@sirena.org.uk>
Date:	Mon, 8 Feb 2016 16:15:42 +0000
From:	Mark Brown <broonie@...nel.org>
To:	Purna Chandra Mandal <purna.mandal@...rochip.com>
Cc:	Joshua Henderson <joshua.henderson@...rochip.com>,
	linux-kernel@...r.kernel.org, linux-spi@...r.kernel.org
Subject: Re: [PATCH] spi: Fix incomplete handling of
 SPI_MASTER_MUST_RX/_MUST_TX

On Fri, Feb 05, 2016 at 10:30:24AM +0530, Purna Chandra Mandal wrote:

Please fix your mail client to word wrap within paragraphs at something
substantially less than 80 columns.  Doing this makes your messages much
easier to read and reply to.

> Idea is good, but not sufficient.
> Dummy buffers are _reallocated_ to accommodate larger size of transfer. In this if
> [originally NULL] .rx_buf/.tx_buf is not reset back to NULL after the transfer
> is over spi-core will find those .rx/tx_buf non-NULL in next _transfer() call and
> will pass the stale rx/tx_buf to spi controller driver which will definitely
> corrupt the memory and crash the system.

This needs to be clear to readers; a fairly obvious way of dealing with
this would be to rellocate down to a page rather than freeing.

> Above all the whole design depends on trust that core will not play with any data-structure
> which will break object-oriented/layered approach. So better to undo the modification
> (when needed to facilitate some functionality) unless core wants those information to be passed
> back to caller/client for reporting success or error or else.

That's really not the case, we already make a range of other
modifications to complete partially filled transfers in order to
simplify driver code.

Download attachment "signature.asc" of type "application/pgp-signature" (474 bytes)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ