lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Thu, 10 Jan 2019 00:47:56 +0300
From:   Yauhen Kharuzhy <jekhor@...il.com>
To:     Charles Keepax <ckeepax@...nsource.cirrus.com>
Cc:     wsa@...-dreams.de, linux-i2c@...r.kernel.org,
        linux-kernel@...r.kernel.org, patches@...nsource.cirrus.com
Subject: Re: [PATCH 2/2] i2c: Clear client->irq in i2c_device_remove

On Fri, Oct 19, 2018 at 09:59:58AM +0100, Charles Keepax wrote:
> The IRQ will be mapped in i2c_device_probe only if client->irq is zero and
> i2c_device_remove does not clear this. When rebinding an I2C device,
> whos IRQ provider has also been rebound this means that an IRQ mapping
> will never be created, causing the I2C device to fail to acquire its
> IRQ. Fix this issue by clearing client->irq in i2c_device_remove,
> forcing i2c_device_probe to lookup the mapping again.

Hi.

I found  driver i2c/busses/i2c-cht-wc.c which instantiates I2C device
(battery charger) and passes IRQ to driver not using standard I2C IRQ mapping code.
So if we reprobe I2C device (by reloading I2C device driver module or by
manipulations with sysfs), we get invalid IRQ number for client:

 adap->client_irq = irq_create_mapping(adap->irq_domain, 0);
 ...
 irq_set_chip_data(adap->client_irq, adap);
 irq_set_chip_and_handler(adap->client_irq, &adap->irqchip, handle_simple_irq);
 ...
 board_info.irq = adap->client_irq;
 adap->client = i2c_new_device(&adap->adapter, &board_info);


adap->client->irq will be reset after device removing here.


Any advice to fix this? Maybe move initial i2c_client->irq value to new field
like client->init_irq and copy it to client->irq at probing, for example?

> 
> Signed-off-by: Charles Keepax <ckeepax@...nsource.cirrus.com>
> Reviewed-by: Benjamin Tissoires <benjamin.tissoires@...hat.com>
> ---
>  drivers/i2c/i2c-core-base.c | 2 ++
>  1 file changed, 2 insertions(+)
> 
> diff --git a/drivers/i2c/i2c-core-base.c b/drivers/i2c/i2c-core-base.c
> index 656f0a6fe3adf..28460f6a60cc1 100644
> --- a/drivers/i2c/i2c-core-base.c
> +++ b/drivers/i2c/i2c-core-base.c
> @@ -430,6 +430,8 @@ static int i2c_device_remove(struct device *dev)
>  	dev_pm_clear_wake_irq(&client->dev);
>  	device_init_wakeup(&client->dev, false);
>  
> +	client->irq = 0;
> +
>  	return status;
>  }
>  

-- 
Yauhen Kharuzhy

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ