lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-Id: <20180127235140.CBFF12962D@kvm5.telegraphics.com.au>
Date:   Sat, 27 Jan 2018 18:51:40 -0500 (EST)
From:   Finn Thain <fthain@...egraphics.com.au>
To:     Geert Uytterhoeven <geert@...ux-m68k.org>
Cc:     linux-m68k@...ts.linux-m68k.org, linux-kernel@...r.kernel.org
Subject: [PATCH] m68k/mac: Fix apparent race condition in Baboon interrupt
 dispatch

The algorithm used in baboon_irq() appears to be subject to a race
condition: an IRQ flag could be lost if asserted between the MOV
instructions from and to the interrupt flag register. However,
testing shows that the write to the flag register has no effect.
Rewrite this loop to remove the apparent race condition.

No-one seems to know how to clear Baboon IRQ flags, or whether
that's even possible, so add a comment about this.

Tested-by: Stan Johnson <userm57@...oo.com>
Signed-off-by: Finn Thain <fthain@...egraphics.com.au>
---
 arch/m68k/mac/baboon.c | 27 ++++++++-------------------
 1 file changed, 8 insertions(+), 19 deletions(-)

diff --git a/arch/m68k/mac/baboon.c b/arch/m68k/mac/baboon.c
index c7ea6475ef9b..a7d280220662 100644
--- a/arch/m68k/mac/baboon.c
+++ b/arch/m68k/mac/baboon.c
@@ -18,10 +18,6 @@
 int baboon_present;
 static volatile struct baboon *baboon;
 
-#if 0
-extern int macide_ack_intr(struct ata_channel *);
-#endif
-
 /*
  * Baboon initialization.
  */
@@ -41,33 +37,26 @@ void __init baboon_init(void)
 }
 
 /*
- * Baboon interrupt handler. This works a lot like a VIA.
+ * Baboon interrupt handler.
+ * XXX how do you clear a pending IRQ? is it even necessary?
  */
 
 static void baboon_irq(struct irq_desc *desc)
 {
-	int irq_bit, irq_num;
-	unsigned char events;
+	short events, irq_bit;
+	int irq_num;
 
 	events = baboon->mb_ifr & 0x07;
-	if (!events)
-		return;
-
 	irq_num = IRQ_BABOON_0;
 	irq_bit = 1;
 	do {
-	        if (events & irq_bit) {
-			baboon->mb_ifr &= ~irq_bit;
+		if (events & irq_bit) {
+			events &= ~irq_bit;
 			generic_handle_irq(irq_num);
 		}
+		++irq_num;
 		irq_bit <<= 1;
-		irq_num++;
-	} while(events >= irq_bit);
-#if 0
-	if (baboon->mb_ifr & 0x02) macide_ack_intr(NULL);
-	/* for now we need to smash all interrupts */
-	baboon->mb_ifr &= ~events;
-#endif
+	} while (events);
 }
 
 /*
-- 
2.13.6

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ