lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date:	Fri, 25 Mar 2016 15:35:07 +0100
From:	Benjamin Tissoires <benjamin.tissoires@...il.com>
To:	Jiri Kosina <jikos@...nel.org>
Cc:	Ping Cheng <pinglinux@...il.com>,
	Laura Abbott <labbott@...hat.com>,
	Ping Cheng <pingc@...om.com>,
	Jason Gerecke <jason.gerecke@...om.com>,
	linux-input <linux-input@...r.kernel.org>,
	"linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
	Benjamin Tissoires <benjamin.tissoires@...hat.com>
Subject: Re: [REGRESSION] panic with Wacom One Tablet on 4.4.x kernel

On Thu, Mar 24, 2016 at 3:37 PM, Jiri Kosina <jikos@...nel.org> wrote:
> On Thu, 24 Mar 2016, Jiri Kosina wrote:
>
>> > Yes, please provide a bisect report so we get a clue.
>> >
>> > I do not have a "Wacom One". I have a Wacom Bamboo Pen, which goes
>> > through the same code base as "Wacom One". I tested kernel 4.4.4. I
>> > don't see the issue.
>>
>> Laura, do we have any result from the bisect please?
>
> BTW seems like wacom_get_report() got EPIPE and bailed out.
>
> We used to retry on EPIPE before aef3156d72. Would it make sense to retest
> with that commit reverted?

Well, the problem is the device exposes a useless interface that
behaves like it should be working, but there are no sensors connected
to it. I wouldn't be surprised if the device just complains when we
are pocking at it when we should not.

>
> Could be that the device is for some reason causing only temporary EPIPE
> that eventually gets fixed over time.
>
> I still don't exactly see how that'd cause the null pointer dereference
> later, but retval handling wacom_get_report() might possibly need some
> loving care as well, looking quickly at the code. But that still needs to
> be investigated.

See the patch I just sent. The difference from a HID point of view
between a Bamboo Pen+Touch and a Bamboo ONE is null. However, the
Bamboo ONE has no sensors connected to the Pad and Touch interface,
and generates some spurious events. Given that all the protocol is
hardcoded in the driver, wacom.ko tries to access the pad input node
but there was none because the device is marked as "Pen only".

The solution is to actually detect the Pen only devices and check that
the HID report descriptor matches a Pen only (or detect touch+pad
interface, like I did). This was, we just don't care about the events
on the not-used interface and everybody lives happily ever after.

Cheers,
Benjamin

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ