lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Sun, 6 Aug 2017 22:16:41 +0200
From:   Pali Rohár <pali.rohar@...il.com>
To:     Hans de Goede <hdegoede@...hat.com>
Cc:     Darren Hart <dvhart@...radead.org>,
        Andy Shevchenko <andy@...radead.org>,
        Andy Lutomirski <luto@...nel.org>,
        platform-driver-x86@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH] RFC: platform/x86: wmi: Fix check for method instance number

On Sunday 06 August 2017 18:18:06 Hans de Goede wrote:
> Hi,
> 
> On 06-08-17 17:42, Pali Rohár wrote:
> > On Wednesday 14 June 2017 17:46:54 Pali Rohár wrote:
> >> On Tuesday 13 June 2017 11:42:28 Darren Hart wrote:
> >>> On Tue, Jun 13, 2017 at 08:04:57PM +0200, Pali Rohár wrote:
> >>>> On Tuesday 13 June 2017 18:49:51 Darren Hart wrote:
> >>>>> I'd suggest reaching out to the maintainers and contributors to
> >>>>> the drivers you mention to request some help in testing.
> >>>> 
> >>>> Seems sane. Grep for all methods with instance number different
> >>>> as zero (or just number one -- which can be suspicious as
> >>>> somebody could thought that indexing is from one, not zer) and
> >>>> try to receive ACPI/BMOF data and verify it.
> >>> 
> >>> This would still be the ideal solution, verify we can do the
> >>> right thing without breaking existing drivers. Agreed.
> >> 
> >> Here is all usage:
> >> 
> >> Function wmi_set_block:
> >>    msi-wmi.c:
> >>    instance=0 /* Instance 0 is "set backlight" */
> >>    
> >>    tc1100-wmi.c:
> >>    instance=TC1100_INSTANCE_WIRELESS /* defined as 1 */
> >>    instance=TC1100_INSTANCE_JOGDIAL  /* defined as 2 */
> >> 
> >> Function wmi_query_block:
> >>    acer-wmi.c:
> >>    instance=1 /* no comment why,
> >> 
> >> guid=95764E09-FB56-4E83-B31A-37761F60994A */
> >> 
> >>    dell-wmi.c:
> >>    instance=0
> >>    
> >>    msi-wmi.c:
> >>    instance=1 /* Instance 1 is "get backlight", cmp with DSDT */
> >>    
> >>    surface3-wmi.c:
> >>    instance=0
> >>    
> >>    tc1100-wmi.c:
> >>    (same as in wmi_set_block)
> >> 
> >> Function wmi_evaluate_method:
> >>    acer-wmi.c:
> >>    instance=1 /* no comment why,
> >> 
> >> guid=67C3371D-95A3-4C37-BB61-DD47B491DAAB */ instance=1 /* no
> >> comment why, guid=6AF4F258-B401-42FD-BE91-3D4AC2D7C0D3 */
> >> instance=0
> >> 
> >>    alienware-wmi.c:
> >>    instance=1 /* no comment why,
> >> 
> >> guid=A70591CE-A997-11DA-B012-B622A1EF5492 */ instance=1 /* no
> >> comment why, guid=A80593CE-A997-11DA-B012-B622A1EF5492 */
> >> instance=1 /* no comment why,
> >> guid=A70591CE-A997-11DA-B012-B622A1EF5492 */
> >> 
> >>    asus-wmi.c:
> >>    instance=1 /* no comment why,
> >> 
> >> guid=97845ED0-4E6D-11DE-8A39-0800200C9A66 */
> >> 
> >>    dell-wmi-led.c:
> >>    instance=1 /* no comment why,
> >> 
> >> guid=F6E4FE6E-909D-47cb-8BAB-C9F6F2F8D396 */
> >> 
> >>    hp-wmi.c:
> >>    instance=0
> >>    
> >>    mxm-wmi.c:
> >>    instance=1 /* no comment why,
> >> 
> >> guid=F6CB5C3C-9CAE-4EBD-B577-931EA32A2CC0 */
> >> 
> >> So problematic drivers which use instance=1 without any comments
> >> are:
> >>    acer-wmi
> >>    alienware-wmi
> >>    asus-wmi
> >>    dell-wmi-led
> >>    mxm-wmi
> > 
> > Also there is a new problematic driver named peaq-wmi.c added by
> > Hans. Adding into loop. Hans, can you recheck if arguments for
> > wmi_evaluate_method() are correct, specially instance number "1"?
> 
> Ok, so looking at wmi_evaluate_method() the instance number becomes
> arg0 and the DSDT implementation of the WMBC method which is the one
> we care about is:
> 
>              Method (WMBC, 3, NotSerialized)
>              {
>                  If (Arg1 == 0x05)
>                  {
>                      Local0 = ^^GPO0.DBLY /* \_SB_.GPO0.DBLY */
>                      ^^GPO0.DBLY = Zero
>                      Return (Local0)
>                  }
> 
>                  Return (0xFFFFFFFF)
>              }
> 
> So the instance_index / Arg0 does not matter. I just tested passing 0
> and that works fine. Feel free to change this if that helps with the
> wmi refactoring.

Ok, thanks for testing.

> Interestingly enough passing wmi.debug_dump_wdg=1 shows that the
> BC object claims to have 10 instances, but the whole peaq-wmi
> interface appears to be a messy quick hack from the manufacturer,
> so that is not surprising.

Apparently, this is fully correct and should not cause any problems. 
Just all instances would do same thing.

-- 
Pali Rohár
pali.rohar@...il.com

Download attachment "signature.asc " of type "application/pgp-signature" (199 bytes)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ