lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Thu, 17 May 2018 18:10:49 +0100
From:   Srinivas Kandagatla <srinivas.kandagatla@...aro.org>
To:     Mark Brown <broonie@...nel.org>
Cc:     andy.gross@...aro.org, linux-arm-msm@...r.kernel.org,
        alsa-devel@...a-project.org, robh+dt@...nel.org,
        bgoswami@...eaurora.org, gregkh@...uxfoundation.org,
        david.brown@...aro.org, mark.rutland@....com, lgirdwood@...il.com,
        plai@...eaurora.org, tiwai@...e.com, perex@...ex.cz,
        devicetree@...r.kernel.org, linux-kernel@...r.kernel.org,
        linux-arm-kernel@...ts.infradead.org, rohkumar@....qualcomm.com,
        spatakok@....qualcomm.com
Subject: Re: [PATCH v8 09/24] ASoC: qdsp6: q6afe: Add q6afe driver

Thanks for the review.

On 17/05/18 07:55, Mark Brown wrote:
> On Wed, May 09, 2018 at 01:56:20PM +0100, Srinivas Kandagatla wrote:
> 
>> +static struct q6afe_port *afe_find_port(struct q6afe *afe, int token)
>> +{
>> +	struct q6afe_port *p = NULL;
>> +	struct q6afe_port *ret = NULL;
>> +	unsigned long flags;
>> +
>> +	spin_lock_irqsave(&afe->port_list_lock, flags);
>> +	list_for_each_entry(p, &afe->port_list, node)
>> +		if (p->token == token) {
>> +			ret = p;
>> +			break;
>> +		}
>> +
>> +	spin_unlock_irqrestore(&afe->port_list_lock, flags);
>> +	return ret;
> 
> This lock only protects the list, it does nothing to ensure that the
> port we look up is still valid by the time we return to the caller.
> That means we won't crash during list traversal but does nothing to
> ensure we won't crash immediately afterwards if the port is deallocated
> just after we look it up.  What stops that happening?

Each port is allocated and de-allocated in dai probe and remove calls 
respectively.

Lets say... So for this case to happen the dai has to be removed (unload 
module) at the same time when the interrupt callback happens due to 
delayed response from previous commands.

This case would be almost impossible because all the calls to afe 
service are synchronous with timeouts, if any of the previous calls 
times out the respective caller would get an error, this should prevent 
him from unloading the module in the first place.


thanks,
srini

>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ