| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 9 Jan 2019 09:52:08 +0000
From: Marc Zyngier <marc.zyngier@....com>
To: "Zhao, Yuanyuan" <yuanyuan.zhao@...-semitech.com>
Cc: "tglx@...utronix.de" <tglx@...utronix.de>,
"jason@...edaemon.net" <jason@...edaemon.net>,
"linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
"linux-arm-kernel@...ts.infradead.org"
<linux-arm-kernel@...ts.infradead.org>,
"Zheng, Joey" <yu.zheng@...-semitech.com>,
"Wang, Dongsheng" <dongsheng.wang@...-semitech.com>
Subject: Re: [RESEND 1/1] gic: its: Make sure a LPI is discarded before free.
On 09/01/2019 09:29, Zhao, Yuanyuan wrote:
> Hi Marc:
>
> Thank you for your reply.
>
> As you said, APIs such as free_irq will deactivate irq
> before free it. But deactivation is not forced by every API,
> for example irq_dispose_mapping. So I think it's better to check
> that irq was deactivated as expected.
In general, we should fix the problem at the core API level instead of
hacking individual drivers.
But more to the point, irq_dispose_mapping is not supposed to do
anything with the an active irq, as it doesn't have the required
information to safely remove it.
So calling irq_dispose_mapping on an interrupt that still has registered
actions is a bug, and I'm not convinced we want to cater for such a
case. Do you have a concrete example of some kernel code expecting this
behaviour?
Thanks,
M.
>
> BRs,
> Yuanyuan
>
>
>> -----Original Message-----
>> From: Marc Zyngier [mailto:marc.zyngier@....com]
>> Sent: 2019年1月9日 15:43
>> To: Zhao, Yuanyuan <yuanyuan.zhao@...-semitech.com>
>> Cc: tglx@...utronix.de; jason@...edaemon.net; linux-
>> kernel@...r.kernel.org; linux-arm-kernel@...ts.infradead.org; Zheng, Joey
>> <yu.zheng@...-semitech.com>; Wang, Dongsheng <dongsheng.wang@...-
>> semitech.com>
>> Subject: Re: [RESEND 1/1] gic: its: Make sure a LPI is discarded before free.
>>
>> On Wed, 9 Jan 2019 11:53:27 +0800
>> Zhao Yuanyuan <yuanyuan.zhao@...-semitech.com> wrote:
>>
>> Hi Zhao,
>>
>>> Its device will be removed after all events be freed.
>>> Undisarded events can lead to unpredictable behaviar.
>>>
>>> Signed-off-by: Zhao Yuanyuan <yuanyuan.zhao@...-semitech.com>
>>> ---
>>> drivers/irqchip/irq-gic-v3-its.c | 4 ++++
>>> 1 file changed, 4 insertions(+)
>>>
>>> diff --git a/drivers/irqchip/irq-gic-v3-its.c
>>> b/drivers/irqchip/irq-gic-v3-its.c
>>> index db20e99..4fee008 100644
>>> --- a/drivers/irqchip/irq-gic-v3-its.c
>>> +++ b/drivers/irqchip/irq-gic-v3-its.c
>>> @@ -2572,6 +2572,10 @@ static void its_irq_domain_free(struct
>> irq_domain *domain, unsigned int virq,
>>> virq + i);
>>> u32 event = its_get_event_id(data);
>>>
>>> + /* Discard irq before free */
>>> + if (irqd_is_activated(d))
>>> + its_send_discard(its_dev, event);
>>> +
>>> /* Mark interrupt index as unused */
>>> clear_bit(event, its_dev->event_map.lpi_map);
>>>
>>
>> But we already do send a discard on deactivate, which logically happens
>> before we free the domain. So what are you fixing here?
>>
>> Thanks,
>>
>> M.
>> --
>> Without deviation from the norm, progress is not possible.
--
Jazz is not dead. It just smells funny...
Powered by blists - more mailing lists