lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date:   Sat, 27 Apr 2019 13:58:09 +0300
From:   Serge Semin <fancer.lancer@...il.com>
To:     Greg Kroah-Hartman <gregkh@...uxfoundation.org>
Cc:     Richard Leitner <richard.leitner@...data.com>,
        Serge Semin <Sergey.Semin@...latforms.ru>,
        linux-usb@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH v2] usb: usb251xb: Lock i2c-bus segment the hub resides

On Sat, Apr 27, 2019 at 12:45:00PM +0200, Greg Kroah-Hartman wrote:
> On Sat, Apr 27, 2019 at 12:31:11PM +0300, Serge Semin wrote:
> > On Sat, Apr 27, 2019 at 09:53:23AM +0200, Greg Kroah-Hartman wrote:
> > > On Sat, Apr 27, 2019 at 10:39:41AM +0300, Serge Semin wrote:
> > > > On Sat, Apr 27, 2019 at 09:32:00AM +0200, Greg Kroah-Hartman wrote:
> > > > > On Sat, Apr 27, 2019 at 10:10:27AM +0300, Serge Semin wrote:
> > > > > > On Sat, Apr 27, 2019 at 09:00:42AM +0200, Greg Kroah-Hartman wrote:
> > > > > > > On Fri, Apr 26, 2019 at 01:46:50PM +0300, Serge Semin wrote:
> > > > > > > > SMBus slave configuration is activated by CFG_SEL[1:0]=0x1 pins
> > > > > > > > state. This is the mode the hub is supposed to be to let this driver
> > > > > > > > work correctly. But a race condition might happen right after reset
> > > > > > > > is cleared due to CFG_SEL[0] pin being multiplexed with SMBus SCL
> > > > > > > > function. In case if the reset pin is handled by a i2c GPIO expander,
> > > > > > > > which is also placed at the same i2c-bus segment as the usb251x
> > > > > > > > SMB-interface connected to, then the hub reset clearance might
> > > > > > > > cause the CFG_SEL[0] being latched in unpredictable state. So
> > > > > > > > sometimes the hub configuration mode might be 0x1 (as expected),
> > > > > > > > but sometimes being 0x0, which doesn't imply to have the hub SMBus-slave
> > > > > > > > interface activated and consequently causes this driver failure.
> > > > > > > > 
> > > > > > > > In order to fix the problem we must make sure the GPIO-reset chip doesn't
> > > > > > > > reside the same i2c-bus segment as the SMBus-interface of the hub. If
> > > > > > > > it doesn't, we can safely block the segment for the time the reset is
> > > > > > > > cleared to prevent anyone generating a traffic at the i2c-bus SCL lane
> > > > > > > > connected to the CFG_SEL[0] pin. But if it does, nothing we can do, so
> > > > > > > > just return an error. If we locked the i2c-bus segment and tried to
> > > > > > > > communicate with the GPIO-expander, it would cause a deadlock. If we didn't
> > > > > > > > lock the i2c-bus segment, it would randomly cause the CFG_SEL[0] bit flip.
> > > > > > > > 
> > > > > > > > Signed-off-by: Serge Semin <fancer.lancer@...il.com>
> > > > > > > > Signed-off-by: Greg Kroah-Hartman <gregkh@...uxfoundation.org>
> > > > > > > 
> > > > > > > I signed off on this?  Where?  When?
> > > > > > > 
> > > > > > > never add a s-o-b line that you did not create, that implies a legal
> > > > > > > agreement.
> > > > > > > 
> > > > > > 
> > > > > > Ah, shit. Sorry. I should have added Acked-by. That's what I was going to do,
> > > > > > since you already added the first version of this into linux-next tree. But
> > > > > > apparently copy-pasted and left as is...
> > > > > 
> > > > > If I have already applied a patch, I can't apply it again (or a
> > > > > different version.)  You need to send a fix-up patch for the reported
> > > > > issue, not a whole new one as I can not go back in time and rewrite
> > > > > history.
> > > > > 
> > > > > thanks,
> > > > > 
> > > > > greg k-h
> > > > 
> > > > Ok. Should I send it in reply to this patch or as a completely separate one?
> > > 
> > > A separate one.
> > 
> > Just did this.
> > 
> > Two more questions.
> > 
> > Is there any online service or ready-to-use configs-gen-script to build
> > patchsets locally with various kernel configs before sending them for review?
> > By using this I'd most likely prevent such unfortunate mistakes in future
> > patches.
> 
> 'make allmodconfig' works for me.  Also, the 0-day bot sometimes will
> test patches sent to the mailing list before they are applied, but that
> doesn't always work.
> 
> > I suppose the situation like this isn't unique, and there are other patches
> > submitted with possible compilation problems. In this case seeing the linux-next
> > will be eventually integrated into the linux-stable, then at the point of those
> > patches the kernel source code will be build-broken corresponding config.
> > In this case wouldn't it be better to have some rebasable branch with build
> > robot service and fix the problematic patches in-place instead of
> > apply an incrementing commits? This also would keep the source code cleaner
> > at that particular commits.
> 
> As this passed the first round of 0-day testing in my rebasable branch,
> I assumed it was good enough.  But later testing found that not to be
> the case, which is pretty rare.  And I can't have public trees that are
> rebasable as people work off of them, so we can just live with fixing
> this up.
> 
> thanks,
> 
> greg k-h

Ok. Thanks for clarification. Next time I'll use the allmodconfig for a generic
build-test and, as there aren't other way, try to anticipate a possible configs
disabling issues.

-Sergey

Powered by blists - more mailing lists