lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <bf68ebe7-15df-392c-3796-8ef8ad86d13a@collabora.com>
Date:   Wed, 5 Feb 2020 10:06:16 +0100
From:   Enric Balletbo i Serra <enric.balletbo@...labora.com>
To:     Gwendal Grignou <gwendal@...omium.org>,
        Marek Szyprowski <m.szyprowski@...sung.com>
Cc:     Yicheng Li <yichengli@...omium.org>,
        LKML <linux-kernel@...r.kernel.org>,
        Benson Leung <bleung@...omium.org>,
        Guenter Roeck <groeck@...omium.org>,
        Lee Jones <lee.jones@...aro.org>,
        Andy Shevchenko <andriy.shevchenko@...ux.intel.com>,
        Jonathan Cameron <Jonathan.Cameron@...wei.com>,
        Evan Green <evgreen@...omium.org>,
        Rushikesh S Kadam <rushikesh.s.kadam@...el.com>,
        Thomas Gleixner <tglx@...utronix.de>
Subject: Re: [PATCH v6] platform/chrome: cros_ec: Query EC protocol version if
 EC transitions between RO/RW

Hi,

On 4/2/20 21:40, Gwendal Grignou wrote:
> Reviewed-by: Gwendal Grignou <gwendal@...omium.org>
> 
> On Mon, Feb 3, 2020 at 11:30 PM Marek Szyprowski
> <m.szyprowski@...sung.com> wrote:
>>
>> Hi
>>
>> On 03.02.2020 23:53, Yicheng Li wrote:
>>> RO and RW of EC may have different EC protocol version. If EC transitions
>>> between RO and RW, but AP does not reboot (this is true for fingerprint
>>> microcontroller / cros_fp, but not true for main ec / cros_ec), the AP
>>> still uses the protocol version queried before transition, which can
>>> cause problems. In the case of fingerprint microcontroller, this causes
>>> AP to send the wrong version of EC_CMD_GET_NEXT_EVENT to RO in the
>>> interrupt handler, which in turn prevents RO to clear the interrupt
>>> line to AP, in an infinite loop.
>>>
>>> Once an EC_HOST_EVENT_INTERFACE_READY is received, we know that there
>>> might have been a transition between RO and RW, so re-query the protocol.
>>>
>>> Signed-off-by: Yicheng Li <yichengli@...omium.org>
>>
>> Tested-by: Marek Szyprowski <m.szyprowski@...sung.com>
>>
>> Works fine on Samsung Exynos-based Chromebooks: Snow, Peach-Pit and
>> Peach-Pi.
>>

Thanks, we will pick this patch once 5.6-rc1 is out. For my own reference:

Acked-for-chrome-platform: Enric Balletbo i Serra <enric.balletbo@...labora.com>


>>> ---
>>> Hi Enric and Marek,
>>>
>>>> This patch landed recently in linux-next as commit
>>>> 241a69ae8ea8e2defec751fe55dac1287aa044b8. Sadly, it causes following
>>>> kernel oops on any key press on Samsung Exynos-based Chromebooks (Snow,
>>>> Peach-Pit and Peach-Pi):
>>>
>>>> Many thanks for report the issue, we will take a look ASAP and revert
>>>> this commit meanwhile.
>>>
>>>> Simply removing the BUG_ON() from cros_ec_get_host_event() function
>>>> fixes the issue, but I don't know the protocol details to judge if this
>>>> is the correct way of fixing it.
>>> The issue was those Samsung Chromebooks (Snow, Peach-Pit and Peach-Pi)
>>> do not support mkbp events, yet we applied the same thing to them, which
>>> we shouldn't. This v6 should fix it: I Just added a check
>>>
>>>       if (ec_dev->mkbp_event_supported)
>>>
>>> in cros_ec_register().
>>>
>>>
>>>
>>> drivers/platform/chrome/cros_ec.c           | 29 +++++++++++++++++++++
>>>   include/linux/platform_data/cros_ec_proto.h |  3 +++
>>>   2 files changed, 32 insertions(+)
>>>
>>> diff --git a/drivers/platform/chrome/cros_ec.c b/drivers/platform/chrome/cros_ec.c
>>> index 9b2d07422e17..f16804db805b 100644
>>> --- a/drivers/platform/chrome/cros_ec.c
>>> +++ b/drivers/platform/chrome/cros_ec.c
>>> @@ -104,6 +104,23 @@ static int cros_ec_sleep_event(struct cros_ec_device *ec_dev, u8 sleep_event)
>>>       return ret;
>>>   }
>>>
>>> +static int cros_ec_ready_event(struct notifier_block *nb,
>>> +     unsigned long queued_during_suspend, void *_notify)
>>> +{
>>> +     struct cros_ec_device *ec_dev = container_of(nb, struct cros_ec_device,
>>> +                                                  notifier_ready);
>>> +     u32 host_event = cros_ec_get_host_event(ec_dev);
>>> +
>>> +     if (host_event & EC_HOST_EVENT_MASK(EC_HOST_EVENT_INTERFACE_READY)) {
>>> +             mutex_lock(&ec_dev->lock);
>>> +             cros_ec_query_all(ec_dev);
>>> +             mutex_unlock(&ec_dev->lock);
>>> +             return NOTIFY_OK;
>>> +     }
>>> +
>>> +     return NOTIFY_DONE;
>>> +}
>>> +
>>>   /**
>>>    * cros_ec_register() - Register a new ChromeOS EC, using the provided info.
>>>    * @ec_dev: Device to register.
>>> @@ -201,6 +218,18 @@ int cros_ec_register(struct cros_ec_device *ec_dev)
>>>               dev_dbg(ec_dev->dev, "Error %d clearing sleep event to ec",
>>>                       err);
>>>
>>> +     if (ec_dev->mkbp_event_supported) {
>>> +             /*
>>> +              * Register the notifier for EC_HOST_EVENT_INTERFACE_READY
>>> +              * event.
>>> +              */
>>> +             ec_dev->notifier_ready.notifier_call = cros_ec_ready_event;
>>> +             err = blocking_notifier_chain_register(
>>> +                     &ec_dev->event_notifier, &ec_dev->notifier_ready);
>>> +             if (err)
>>> +                     return err;
>>> +     }
>>> +
>>>       dev_info(dev, "Chrome EC device registered\n");
>>>
>>>       return 0;
>>> diff --git a/include/linux/platform_data/cros_ec_proto.h b/include/linux/platform_data/cros_ec_proto.h
>>> index 0d4e4aaed37a..a1c545c464e7 100644
>>> --- a/include/linux/platform_data/cros_ec_proto.h
>>> +++ b/include/linux/platform_data/cros_ec_proto.h
>>> @@ -121,6 +121,8 @@ struct cros_ec_command {
>>>    * @event_data: Raw payload transferred with the MKBP event.
>>>    * @event_size: Size in bytes of the event data.
>>>    * @host_event_wake_mask: Mask of host events that cause wake from suspend.
>>> + * @notifier_ready: The notifier_block to let the kernel re-query EC
>>> + *      communication protocol when the EC sends EC_HOST_EVENT_INTERFACE_READY.
>>>    * @ec: The platform_device used by the mfd driver to interface with the
>>>    *      main EC.
>>>    * @pd: The platform_device used by the mfd driver to interface with the
>>> @@ -161,6 +163,7 @@ struct cros_ec_device {
>>>       int event_size;
>>>       u32 host_event_wake_mask;
>>>       u32 last_resume_result;
>>> +     struct notifier_block notifier_ready;
>>>
>>>       /* The platform devices used by the mfd driver */
>>>       struct platform_device *ec;
>>
>> Best regards
>> --
>> Marek Szyprowski, PhD
>> Samsung R&D Institute Poland
>>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ