lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20200726011244.GA6587@sol>
Date:   Sun, 26 Jul 2020 09:12:44 +0800
From:   Kent Gibson <warthog618@...il.com>
To:     Andy Shevchenko <andy.shevchenko@...il.com>
Cc:     Linux Kernel Mailing List <linux-kernel@...r.kernel.org>,
        "open list:GPIO SUBSYSTEM" <linux-gpio@...r.kernel.org>,
        Bartosz Golaszewski <bgolaszewski@...libre.com>,
        Linus Walleij <linus.walleij@...aro.org>
Subject: Re: [PATCH v2 05/18] gpiolib: cdev: support GPIO_GET_LINE_IOCTL and
 GPIOLINE_GET_VALUES_IOCTL

On Sat, Jul 25, 2020 at 11:51:54PM +0300, Andy Shevchenko wrote:
> On Sat, Jul 25, 2020 at 7:24 AM Kent Gibson <warthog618@...il.com> wrote:
> >
> > Add support for requesting lines using the GPIO_GET_LINE_IOCTL, and
> > returning their current values using GPIOLINE_GET_VALUES_IOCTL.
> 
> ...
> 
> > +struct line {
> > +       struct gpio_device *gdev;
> > +       const char *label;
> > +       u32 num_descs;
> 
> > +       /* descs must be last so it can be dynamically sized */
> 
> I guess [] implies above comment and thus comment can be dropped.
> 
> > +       struct gpio_desc *descs[];
> > +};
> 
> ...
> 
> > +static bool padding_not_zeroed(__u32 *padding, int pad_size)
> > +{
> > +       int i, sum = 0;
> > +
> > +       for (i = 0; i < pad_size; i++)
> > +               sum |= padding[i];
> > +
> > +       return sum;
> > +}
> 
> Reimplementation of memchr_inv() ?
> 

I was hoping to find an existing function, surely checking a region is
zeroed is a common thing, right?, so this was a place holder as much
as anything.  Not sure memchr_inv fits the bill, but I'll give it a
try...

> ...
> 
> > +static u64 gpioline_config_flags(struct gpioline_config *lc, int line_idx)
> > +{
> > +       int i;
> > +
> > +       for (i = lc->num_attrs - 1; i >= 0; i--) {
> 
> Much better to read is
> 
> unsigned int i = lc->num_attrs;
> 
> while (i--) {
>  ...
> }
> 

Really? I find that the post-decrement in the while makes determining the
bounds of the loop more confusing.

> > +               if ((lc->attrs[i].attr.id == GPIOLINE_ATTR_ID_FLAGS) &&
> 
> > +                   test_bit(line_idx, (unsigned long *)lc->attrs[i].mask))
> 
> This casting is not good. What about BE 32-bit architecture?
> 

I agree the casting is hideous, but I thought the outcome was correct
as it is manipulating addresses, not data.
You think the address of a 64-bit differs based on endian??
Happy to change it - but not sure what to.

> > +                       return lc->attrs[i].attr.flags;
> > +       }
> > +       return lc->flags;
> > +}
> > +
> > +static int gpioline_config_output_value(struct gpioline_config *lc,
> > +                                       int line_idx)
> > +{
> 
> Same comments as per above.
> 
> > +}
> 
> ...
> 
> > +static long line_get_values(struct line *line, void __user *ip)
> > +{
> > +       struct gpioline_values lv;
> 
> > +       unsigned long *vals = (unsigned long *)lv.bits;
> 
> Casting u64 to unsigned long is not good.
> 

Same comments as per above.

> > +}
> 
> ...
> 
> > +static void line_free(struct line *line)
> > +{
> > +       int i;
> > +
> > +       for (i = 0; i < line->num_descs; i++) {
> 
> > +               if (line->descs[i])
> 
> Redundant?
> 

Actually, no.  The line_free is also used to clean up construction
failures, so the line may be partially constructed.  num_descs is set
first, but the descs themselves may have failed to allocate.
And gpiod_free throws a warning if you pass a NULL, hence the extra check here.

> > +                       gpiod_free(line->descs[i]);
> > +       }
> > +       kfree(line->label);
> > +       put_device(&line->gdev->dev);
> > +       kfree(line);
> > +}
> 
> ...
> 
> > +       /* Make sure this is terminated */
> > +       linereq.consumer[sizeof(linereq.consumer)-1] = '\0';
> > +       if (strlen(linereq.consumer)) {
> > +               line->label = kstrdup(linereq.consumer, GFP_KERNEL);
> 
> kstrndup() ?
> 

That was a cut-and-paste from V1...

> > +               if (!line->label) {
> > +                       ret = -ENOMEM;
> > +                       goto out_free_line;
> > +               }
> > +       }
> 

... and changing it would result in this logic behaving differently.
You couldn't distinguish between consumer not being set, and
so label not being set, and kstrndup returning NULL due to no mem.

> ...
> 
> > +               struct gpio_desc *desc = gpiochip_get_desc(gdev->chip, offset);
> 
> I prefer to see this split, but it's minor.
> 
> > +               if (IS_ERR(desc)) {
> > +                       ret = PTR_ERR(desc);
> > +                       goto out_free_line;
> > +               }
> 
> ...
> 
> > +               dev_dbg(&gdev->dev, "registered chardev handle for line %d\n",
> > +                       offset);
> 
> Perhaps tracepoint / event?
> 

Again, a cut-and-paste from V1, and I have no experience with
tracepoints or events, so I have no opinion on that.

So, yeah - perhaps?

Cheers,
Kent.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ