Message-ID: <ada4a662f6c24d45a8c0bb5bcbdd80f9@ausx13mpc120.AMER.DELL.COM>
Date:   Tue, 17 Oct 2017 20:22:03 +0000
From:   <Mario.Limonciello@...l.com>
To:     <pali.rohar@...il.com>
CC:     <dvhart@...radead.org>, <andy.shevchenko@...il.com>,
        <linux-kernel@...r.kernel.org>,
        <platform-driver-x86@...r.kernel.org>, <luto@...nel.org>,
        <quasisec@...gle.com>, <rjw@...ysocki.net>, <mjg59@...gle.com>,
        <hch@....de>, <greg@...ah.com>, <gnomes@...rguk.ukuu.org.uk>
Subject: RE: [PATCH v9 05/17] platform/x86: dell-wmi-descriptor: split WMI
 descriptor into it's own driver

> -----Original Message-----
> From: Pali Rohár [mailto:pali.rohar@...il.com]
> Sent: Tuesday, October 17, 2017 1:59 PM
> To: Limonciello, Mario <Mario_Limonciello@...l.com>
> Cc: dvhart@...radead.org; Andy Shevchenko <andy.shevchenko@...il.com>;
> LKML <linux-kernel@...r.kernel.org>; platform-driver-x86@...r.kernel.org; Andy
> Lutomirski <luto@...nel.org>; quasisec@...gle.com; rjw@...ysocki.net;
> mjg59@...gle.com; hch@....de; Greg KH <greg@...ah.com>; Alan Cox
> <gnomes@...rguk.ukuu.org.uk>
> Subject: Re: [PATCH v9 05/17] platform/x86: dell-wmi-descriptor: split WMI
> descriptor into it's own driver
> 
> On Tuesday 17 October 2017 13:21:49 Mario Limonciello wrote:
> > +struct descriptor_priv {
> > +	struct list_head list;
> > +	u32 interface_version;
> > +	u32 size;
> > +};
> > +static LIST_HEAD(wmi_list);
> > +
> > +bool dell_wmi_get_interface_version(u32 *version)
> > +{
> > +	struct descriptor_priv *priv;
> > +
> > +	priv = list_first_entry_or_null(&wmi_list,
> > +					struct descriptor_priv,
> > +					list);
> > +	if (!priv)
> > +		return false;
> > +	*version = priv->interface_version;
> 
> There is a race condition. dell_wmi_descriptor_remove can be called
> between list_first_entry_or_null and dereferencing priv pointer.
> 

OK I'll add a mutex for this.

> > +	return true;
> > +}
> > +EXPORT_SYMBOL_GPL(dell_wmi_get_interface_version);
> > +
> > +bool dell_wmi_get_size(u32 *size)
> > +{
> > +	struct descriptor_priv *priv;
> > +
> > +	priv = list_first_entry_or_null(&wmi_list,
> > +					struct descriptor_priv,
> > +					list);
> > +	if (!priv)
> > +		return false;
> > +	*size = priv->size;
> 
> And same there.

OK I'll add a mutex for this.

> 
> > +	return true;
> > +}
> > +EXPORT_SYMBOL_GPL(dell_wmi_get_size);
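
Review bot: dell_wmi_get_interface_version() and dell_wmi_get_size() return a bare bool, so a caller cannot tell "descriptor not bound yet" from "descriptor will never bind". Consider returning an int error code instead, and add a kernel-doc comment above each exported function stating that *version or *size is left untouched on failure. Both bodies also repeat the same list_first_entry_or_null() lookup on wmi_list; moving it into one static helper would keep any locking in a single place.
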
> 
> ...
> 
> > @@ -733,9 +659,8 @@ static int dell_wmi_probe(struct wmi_device *wdev)
> >  		return -ENOMEM;
> >  	dev_set_drvdata(&wdev->dev, priv);
> >
> > -	err = dell_wmi_check_descriptor_buffer(wdev);
> > -	if (err)
> > -		return err;
> > +	if (!dell_wmi_get_interface_version(&priv->interface_version))
> > +		return -EPROBE_DEFER;
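
Review bot: In dell_wmi_probe(), every false return from dell_wmi_get_interface_version() is turned into -EPROBE_DEFER, so the driver is re-probed indefinitely even when no descriptor device is on the bus at all. Check for the descriptor GUID first (wmi_has_guid(), as proposed further down in this message) and return a hard error when it is absent, keeping -EPROBE_DEFER only for the case where the descriptor exists but has not bound yet.
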
> 
> This could lead to another problem, when Dell decide to change WMI API
> and would not provide descriptor WMI GUID anymore, but still provide
> even WMI GUID.

This is getting into the territory of "undefined new stuff": how can the kernel
know what to do with hardware that doesn't yet exist?
Anyway, it's fine to think about.

> 
> Basically it is needed to distinguish between states:
> 
> 1) probe function of dell-wmi was called before probe function of
>    dell-wmi-descriptor device initialization
> 
> 2) probe function of dell-wmi was called, but there is no device
>    instance of dell-wmi-descriptor
> 
> 3) there is a device instance of dell-wmi-descriptor, but device is not
>    registered to dell-wmi-descriptor driver, e.g. because userspace
>    decided to forbid such thing, or because probing of
>    dell-wmi-descriptor device failed
> 
> 4) probe function of dell-wmi was called after probe function of
>    dell-wmi-descriptor successfully
> 
> I do not know how to handle such situation other drivers or how to do it
> correctly. I just wanted to show the fact that binding device <-->
> driver can fail in linux kernel (for more reasons) and in some cases
> repeating it does not make sense...
> 
> Maybe other developers would comment this part?

So I think the simple answer to this is to use wmi_has_guid to determine
if the GUID that we're depending on exists on the bus.
If it doesn't exist abort the driver during probing.

If the device exists on the bus then addressing each state: 
<1> is solved by deferred probing
<2> won't happen
<3> dell-wmi should continue to wait in deferred probing in case 
userspace decides to bind later or probing succeeded later.
<4> is the good situation
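
The probe decision and the locked getter discussed in this message, as an added userspace model in C; it is not code from the patch or from the kernel. `guid_on_bus` stands in for `wmi_has_guid()`, a pthread mutex stands in for the kernel mutex, and `bound`, `descriptor_bind`, `dependent_probe` and the choice of `-ENODEV` for the abort case are assumptions made for illustration.

```c
#include <errno.h>
#include <pthread.h>
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>

#define EPROBE_DEFER 517 /* kernel-internal errno value, defined here for the model */

/* Model of the descriptor driver's private data (one bound instance). */
struct descriptor_priv {
	uint32_t interface_version;
	uint32_t size;
};

static pthread_mutex_t list_mutex = PTHREAD_MUTEX_INITIALIZER;
static struct descriptor_priv *bound; /* NULL until the descriptor probe succeeds */
static bool guid_on_bus;              /* assumption: stand-in for wmi_has_guid() */

/* Lookup and dereference share one critical section, so a concurrent
 * remove cannot free or unlink the entry between the two steps. */
static bool get_interface_version(uint32_t *version)
{
	bool ok = false;

	pthread_mutex_lock(&list_mutex);
	if (bound) {
		*version = bound->interface_version;
		ok = true;
	}
	pthread_mutex_unlock(&list_mutex);
	return ok;
}

/* Bind (or, with NULL, unbind) the descriptor under the same lock. */
static void descriptor_bind(struct descriptor_priv *p)
{
	pthread_mutex_lock(&list_mutex);
	bound = p;
	pthread_mutex_unlock(&list_mutex);
}

static void descriptor_remove(void) { descriptor_bind(NULL); }

/* Dependent driver's probe: abort when the GUID is not on the bus,
 * defer while the descriptor exists but is not (yet) bound. */
static int dependent_probe(uint32_t *version)
{
	if (!guid_on_bus)
		return -ENODEV; /* assumption: error code used for "abort" */
	if (!get_interface_version(version))
		return -EPROBE_DEFER; /* states <1> and <3> */
	return 0; /* state <4> */
}
```
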
