lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <Pine.LNX.4.44L0.2002251419120.1485-100000@iolanthe.rowland.org>
Date:   Tue, 25 Feb 2020 14:39:23 -0500 (EST)
From:   Alan Stern <stern@...land.harvard.edu>
To:     Eugeniu Rosca <erosca@...adit-jv.com>
cc:     linux-usb@...r.kernel.org, <linux-renesas-soc@...r.kernel.org>,
        <linux-kernel@...r.kernel.org>,
        Greg Kroah-Hartman <gregkh@...uxfoundation.org>,
        Thinh Nguyen <Thinh.Nguyen@...opsys.com>,
        "Lee, Chiasheng" <chiasheng.lee@...el.com>,
        Mathieu Malaterre <malat@...ian.org>,
        Kai-Heng Feng <kai.heng.feng@...onical.com>,
        Hardik Gajjar <hgajjar@...adit-jv.com>,
        <scan-admin@...erity.com>, Eugeniu Rosca <roscaeugeniu@...il.com>
Subject: Re: [PATCH] usb: hub: Fix unhandled return value of usb_autopm_get_interface()

On Tue, 25 Feb 2020, Eugeniu Rosca wrote:

> Hi Alan,
> 
> Many thanks for the prompt review.
> 
> On Tue, Feb 25, 2020 at 10:32:32AM -0500, Alan Stern wrote:
> > On Tue, 25 Feb 2020, Eugeniu Rosca wrote:
> > > +		int r = usb_autopm_get_interface(intf);
> > > +
> > > +		if (!r)
> > > +			hub->quirk_disable_autosuspend = 1;
> > > +		else
> > > +			dev_dbg(&intf->dev, "disable autosuspend err=%d\n", r);
> > >  	}
> > >  
> > >  	if (hub_configure(hub, &desc->endpoint[0].desc) >= 0)
> > 
> > This change is not necessary, because the resume operation cannot fail
> > at this point (interfaces are always powered-up during probe).
> 
> Agreed to avoid unneeded complexity.
> 
> > A better solution would be to call usb_autpm_get_interface_no_resume()
> > instead.
> 
> Pushed to https://lore.kernel.org/lkml/20200225183057.31953-1-erosca@de.adit-jv.com
> 
> > 
> > On the other hand, the other places that call
> > usb_autopm_get_interface() without checking should be audited.  Some of
> > them almost certainly need to be fixed.
> 
> A quick 'git grep' outputs below list of auditable candidates [1].
> 
> With no relevant devices at hand, I would avoid touching these drivers,
> since oftentimes even legitimate patches introduce regressions w/o
> testing.
> 
> If anybody volunteers with testing, I guess it should be quick to
> either convert usb_autpm_get_interface to *_no_resume variant or
> handle the return value in place in below instances.
> 
> [1] (v5.6-rc3) git grep -En "[^=]\s+usb_autopm_get_interface\("
>   drivers/input/touchscreen/usbtouchscreen.c:1788:  usb_autopm_get_interface(intf);
>   drivers/media/usb/stkwebcam/stk-webcam.c:628:     usb_autopm_get_interface(dev->interface);
>   drivers/net/usb/hso.c:1308:                       usb_autopm_get_interface(serial->parent->interface);
>   drivers/net/usb/r8152.c:5231:                     usb_autopm_get_interface(tp->intf);
>   sound/usb/usx2y/us122l.c:192:                     usb_autopm_get_interface(iface);

Your regular expression isn't right because it doesn't match lines
where the usb_autopm_get_interface() is preceded only by one whitespace
character (i.e., a tab).  It also will match lines where there are two
space characters between the = sign and the function name.  I think
what you want is more like "(^|[^=[:space:]])\s*" at the start of the
RE.

A revised search finds line 997 in drivers/usb/core/hub.c and lines
216, 269 in drivers/usb/core/port.c.  (I didn't try looking in any
other directories.)  AFAICT all three of these should check the return
value, although a error message in the kernel log probably isn't
needed.

Do you want to fix those instances up also, maybe merging them in with
the existing patch?

Alan Stern

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ