lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:   Wed, 9 Jan 2019 09:52:08 +0000
From:   Marc Zyngier <marc.zyngier@....com>
To:     "Zhao, Yuanyuan" <yuanyuan.zhao@...-semitech.com>
Cc:     "tglx@...utronix.de" <tglx@...utronix.de>,
        "jason@...edaemon.net" <jason@...edaemon.net>,
        "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
        "linux-arm-kernel@...ts.infradead.org" 
        <linux-arm-kernel@...ts.infradead.org>,
        "Zheng, Joey" <yu.zheng@...-semitech.com>,
        "Wang, Dongsheng" <dongsheng.wang@...-semitech.com>
Subject: Re: [RESEND 1/1] gic: its: Make sure a LPI is discarded before free.

On 09/01/2019 09:29, Zhao, Yuanyuan wrote:
> Hi Marc:
> 
> Thank you for your reply. 
> 
> As you said, APIs such as free_irq will deactivate irq
> before free it. But deactivation is not forced by every API,
> for example irq_dispose_mapping.  So I think it's better to check 
> that irq was deactivated as expected.

In general, we should fix the problem at the core API level instead of
hacking individual drivers.

But more to the point, irq_dispose_mapping is not supposed to do
anything with the an active irq, as it doesn't have the required
information to safely remove it.

So calling irq_dispose_mapping on an interrupt that still has registered
actions is a bug, and I'm not convinced we want to cater for such a
case. Do you have a concrete example of some kernel code expecting this
behaviour?

Thanks,

	M.

> 
> BRs,
> Yuanyuan
> 
> 
>> -----Original Message-----
>> From: Marc Zyngier [mailto:marc.zyngier@....com]
>> Sent: 2019年1月9日 15:43
>> To: Zhao, Yuanyuan <yuanyuan.zhao@...-semitech.com>
>> Cc: tglx@...utronix.de; jason@...edaemon.net; linux-
>> kernel@...r.kernel.org; linux-arm-kernel@...ts.infradead.org; Zheng, Joey
>> <yu.zheng@...-semitech.com>; Wang, Dongsheng <dongsheng.wang@...-
>> semitech.com>
>> Subject: Re: [RESEND 1/1] gic: its: Make sure a LPI is discarded before free.
>>
>> On Wed, 9 Jan 2019 11:53:27 +0800
>> Zhao Yuanyuan <yuanyuan.zhao@...-semitech.com> wrote:
>>
>> Hi Zhao,
>>
>>> Its device will be removed after all events be freed.
>>> Undisarded events can lead to unpredictable behaviar.
>>>
>>> Signed-off-by: Zhao Yuanyuan <yuanyuan.zhao@...-semitech.com>
>>> ---
>>>  drivers/irqchip/irq-gic-v3-its.c | 4 ++++
>>>  1 file changed, 4 insertions(+)
>>>
>>> diff --git a/drivers/irqchip/irq-gic-v3-its.c
>>> b/drivers/irqchip/irq-gic-v3-its.c
>>> index db20e99..4fee008 100644
>>> --- a/drivers/irqchip/irq-gic-v3-its.c
>>> +++ b/drivers/irqchip/irq-gic-v3-its.c
>>> @@ -2572,6 +2572,10 @@ static void its_irq_domain_free(struct
>> irq_domain *domain, unsigned int virq,
>>>  								virq + i);
>>>  		u32 event = its_get_event_id(data);
>>>
>>> +		/* Discard irq before free */
>>> +		if (irqd_is_activated(d))
>>> +			its_send_discard(its_dev, event);
>>> +
>>>  		/* Mark interrupt index as unused */
>>>  		clear_bit(event, its_dev->event_map.lpi_map);
>>>
>>
>> But we already do send a discard on deactivate, which logically happens
>> before we free the domain. So what are you fixing here?
>>
>> Thanks,
>>
>> 	M.
>> --
>> Without deviation from the norm, progress is not possible.


-- 
Jazz is not dead. It just smells funny...

Powered by blists - more mailing lists