[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <56D774B6.6070108@mleia.com>
Date: Thu, 3 Mar 2016 01:18:14 +0200
From: Vladimir Zapolskiy <vz@...ia.com>
To: Andrew Lunn <andrew@...n.ch>
Cc: GregKH <greg@...ah.com>, srinivas.kandagatla@...aro.org,
maxime.ripard@...e-electrons.com, wsa@...-dreams.de,
broonie@...nel.org, linux-kernel@...r.kernel.org,
pantelis.antoniou@...sulko.com, bgolaszewski@...libre.com
Subject: Re: [PATCHv7 6/7] eeprom: 93xx46: extend driver to plug into the
NVMEM framework
On 03.03.2016 00:26, Andrew Lunn wrote:
>>> static ssize_t
>>> -eeprom_93xx46_bin_read(struct file *filp, struct kobject *kobj,
>>> - struct bin_attribute *bin_attr,
>>> - char *buf, loff_t off, size_t count)
>>> +eeprom_93xx46_read(struct eeprom_93xx46_dev *edev, char *buf,
>>> + unsigned off, size_t count)
>>> {
>>> - struct eeprom_93xx46_dev *edev;
>>> - struct device *dev;
>>> ssize_t ret = 0;
>>>
>>> - dev = kobj_to_dev(kobj);
>>> - edev = dev_get_drvdata(dev);
>>> + if (unlikely(off >= edev->size))
>>> + return 0;
>>> + if ((off + count) > edev->size)
>>> + count = edev->size - off;
>>> + if (unlikely(!count))
>>> + return count;
>>>
>>
>> I'm scratching my head, do you want to kind of revert
>> the change https://lkml.org/lkml/2015/7/26/89 ? Why?
>
> Hi Vladimir
>
> I had not noticed you had removed this.
>
>> If you know regmap_config.max_register, then all necessary
>> boundary checks can be done inside NVMEM core.
>
> You don't have to use NVMEM, you could use the regmap directly.
No problem, regmap API from drivers/base/regmap/regmap.c contains
all necessary boundary checks as far as I understand.
> It is a public API. Also, during implementation, i did manage to get out of
> bounds read passed into the drivers and they caused a crash. That
> might of been AT24, i don't remember, but verifying is better than
> possible crashing.
>
IMHO to avoid boilerplate code and/or missed/redundant checks it
might be better to handle this particular kind of problem only
in one common place, for example sysfs binary attribute files do
not need this anymore, probably I should scrutinize the situation
with this transition to NVMEM as well.
If you remember a reproduction scenario for that crash, please let
me know.
At least this changeset must be applied I guess, am I right?
In other words is the code without this changeset safe in connection
to boundary checks, and this is a new discovered issue?
--
With best wishes,
Vladimir
Powered by blists - more mailing lists