lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date:   Fri, 17 Jul 2020 09:02:34 -0700
From:   'Dmitry Torokhov' <dmitry.torokhov@...il.com>
To:     jingle <jingle.wu@....com.tw>
Cc:     'linux-kernel' <linux-kernel@...r.kernel.org>,
        'linux-input' <linux-input@...r.kernel.org>,
        'phoenix' <phoenix@....com.tw>,
        "'josh.chen'" <josh.chen@....com.tw>,
        "'kai.heng.feng'" <kai.heng.feng@...onical.com>
Subject: Re: [PATCH 2/2] Input: elan_i2c - Modify the IAP related functio n
 for page sizes 128, 512 bytes.

Hi Jingle,

On Fri, Jul 17, 2020 at 04:31:58PM +0800, jingle wrote:
> Hi Dmitry:
> 
> 1. 
> 
> In this function elan_get_fwinfo().
> 
> +static int elan_get_fwinfo(u16 ic_type, u8 iap_version, u8 pattern,
> +			   u16 *validpage_count, u32 *signature_address,
> +			   u16 *page_size)
>  {
> -	switch (ic_type) {
> +	u16 type = pattern >= 0x01 ? ic_type : iap_version;
> +
> +	switch (type) {
> 
> This iap_version in pattern0 is read from this command
> ETP_I2C_IAP_VERSION_CMD_OLD ,it is not from this command
> ETP_I2C_IAP_VERSION.
> So u16 type = pattern >= 0x01 ? ic_type : iap_version; <- wrong
> 
> 2. In this "static int elan_i2c_prepare_fw_update(struct i2c_client *client,
> u16 ic_type, u8 iap_version)" function.
> The ic is old pattern must be modify correct ic_type. (cmd is
> ETP_I2C_IAP_VERSION)

I see. It looks like there is some confusion on my part between IAP
version, IC type, and the commands that we want to use. Please let me
know if I understand this correctly:

- For patterns >=1 (newer)
  IAP version is retrieved with ETP_I2C_IAP_VERSION_CMD
  IC type is fetched with ETP_I2C_IC_TYPE_CMD
  Version comes from ETP_I2C_NSM_VERSION_CMD

- For pattern 0 (old)
  Before your patches
    IAP version was using ETP_I2C_IAP_VERSION_CMD (and you are saying
    it is wrong)
    Version comes from 1st byte of ETP_I2C_OSM_VERSION_CMD
    IC type comes from 2nd byte of ETP_I2C_OSM_VERSION_CMD (and you are
    saying it is some other bit of data - what is it then?)

  After your patches
    IAP version is retrieved with ETP_I2C_IAP_VERSION_CMD_OLD
    Version comes from 1st byte of ETP_I2C_OSM_VERSION_CMD
    IC type is retrieved with ETP_I2C_IAP_VERSION_CMD (should we rename
    it then?)

So the difference is where the the IC type is coming from for old
patterns. However, as I mentioned, we have the following body of code:

static int elan_check_ASUS_special_fw(struct elan_tp_data *data)
{
	if (data->ic_type == 0x0E) {
		switch (data->product_id) {
		case 0x05 ... 0x07:
		case 0x09:
		case 0x13:
			return true;
		}
	} else if (data->ic_type == 0x08 && data->product_id == 0x26) {
		/* ASUS EeeBook X205TA */
		return true;
	}

	return false;
}

And before your patches ic_type here would be the 2nd byte of response
to ETP_I2C_OSM_VERSION_CMD for older devices and my concern that
replacing it with data from ETP_I2C_IAP_VERSION_CMD would break these
checks.

We need to reconcile what we have in this function with what you are
proposing for firmware update code.

Thanks,
Dmitry

Powered by blists - more mailing lists