| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 29 Oct 2020 12:39:08 -0300
From: Daniel Gutson <daniel@...ypsium.com>
To: Greg Kroah-Hartman <gregkh@...uxfoundation.org>
Cc: Derek Kiernan <derek.kiernan@...inx.com>,
Tudor Ambarus <tudor.ambarus@...rochip.com>,
Miquel Raynal <miquel.raynal@...tlin.com>,
Richard Weinberger <richard@....at>,
Vignesh Raghavendra <vigneshr@...com>,
Mika Westerberg <mika.westerberg@...ux.intel.com>,
Arnd Bergmann <arnd@...db.de>,
Mauro Carvalho Chehab <mchehab+huawei@...nel.org>,
linux-kernel <linux-kernel@...r.kernel.org>,
Richard Hughes <hughsient@...il.com>,
Alex Bazhaniuk <alex@...ypsium.com>,
linux-mtd <linux-mtd@...ts.infradead.org>
Subject: Re: [PATCH] mtd: spi-nor: intel-spi: Split intel-spi reading from writing
On Thu, Oct 29, 2020 at 2:40 AM Greg Kroah-Hartman
<gregkh@...uxfoundation.org> wrote:
>
> On Wed, Oct 28, 2020 at 06:43:59PM -0300, Daniel Gutson wrote:
> > This patch separates the writing part of the intel-spi drivers
> > so the 'dangerous' part can be set/unset independently.
> > This way, the kernel can be configured to include the reading
> > parts of the driver which can be used without
> > the dangerous write operations that can turn the system
> > unbootable.
> >
> > Signed-off-by: Daniel Gutson <daniel.gutson@...ypsium.com>
> > ---
> > drivers/mtd/spi-nor/controllers/Kconfig | 39 ++++++++++++---------
> > drivers/mtd/spi-nor/controllers/intel-spi.c | 12 +++++--
> > 2 files changed, 33 insertions(+), 18 deletions(-)
> >
> > diff --git a/drivers/mtd/spi-nor/controllers/Kconfig b/drivers/mtd/spi-nor/controllers/Kconfig
> > index 5c0e0ec2e6d1..491c755fea49 100644
> > --- a/drivers/mtd/spi-nor/controllers/Kconfig
> > +++ b/drivers/mtd/spi-nor/controllers/Kconfig
> > @@ -31,34 +31,41 @@ config SPI_INTEL_SPI
> > tristate
> >
> > config SPI_INTEL_SPI_PCI
> > - tristate "Intel PCH/PCU SPI flash PCI driver (DANGEROUS)"
> > + tristate "Intel PCH/PCU SPI flash PCI driver"
> > depends on X86 && PCI
> > select SPI_INTEL_SPI
> > help
> > - This enables PCI support for the Intel PCH/PCU SPI controller in
> > - master mode. This controller is present in modern Intel hardware
> > - and is used to hold BIOS and other persistent settings. Using
> > - this driver it is possible to upgrade BIOS directly from Linux.
> > -
> > - Say N here unless you know what you are doing. Overwriting the
> > - SPI flash may render the system unbootable.
> > + This enables read only PCI support for the Intel PCH/PCU SPI
> > + controller in master mode. This controller is present in modern
> > + Intel hardware and is used to hold BIOS and other persistent settings.
> > + Using this driver it is possible to read the SPI chip directly
> > + from Linux.
> >
> > To compile this driver as a module, choose M here: the module
> > will be called intel-spi-pci.
> >
> > config SPI_INTEL_SPI_PLATFORM
> > - tristate "Intel PCH/PCU SPI flash platform driver (DANGEROUS)"
> > + tristate "Intel PCH/PCU SPI flash platform driver"
> > depends on X86
> > select SPI_INTEL_SPI
> > help
> > - This enables platform support for the Intel PCH/PCU SPI
> > + This enables read only platform support for the Intel PCH/PCU SPI
> > controller in master mode. This controller is present in modern
> > - Intel hardware and is used to hold BIOS and other persistent
> > - settings. Using this driver it is possible to upgrade BIOS
> > - directly from Linux.
> > + Intel hardware and is used to hold BIOS and other persistent settings.
> > + Using this driver it is possible to read the SPI chip directly
> > + from Linux.
> > +
> > + To compile this driver as a module, choose M here: the module
> > + will be called intel-spi-pci.
> > +
> > +config SPI_INTEL_SPI_WRITE
> > + bool "Intel PCH/PCU SPI flash drivers write operations (DANGEROUS)"
> > + depends on SPI_INTEL_SPI_PCI || SPI_INTEL_SPI_PLATFORM
> > + help
> > + This enables full read/write support for the Intel PCH/PCU SPI
> > + controller.
> > + Using this option it may be possible to upgrade BIOS directly
> > + from Linux.
> >
> > Say N here unless you know what you are doing. Overwriting the
> > SPI flash may render the system unbootable.
> > -
> > - To compile this driver as a module, choose M here: the module
> > - will be called intel-spi-platform.
> > diff --git a/drivers/mtd/spi-nor/controllers/intel-spi.c b/drivers/mtd/spi-nor/controllers/intel-spi.c
> > index b54a56a68100..8d8053395c3d 100644
> > --- a/drivers/mtd/spi-nor/controllers/intel-spi.c
> > +++ b/drivers/mtd/spi-nor/controllers/intel-spi.c
> > @@ -266,6 +266,7 @@ static int intel_spi_read_block(struct intel_spi *ispi, void *buf, size_t size)
> > return 0;
> > }
> >
> > +#ifdef CONFIG_SPI_INTEL_SPI_WRITE
>
> <snip>
>
> Please do not add #ifdef to .c files, that's not the proper kernel
> coding style at all, and just makes maintaining this file much much
> harder over time.
>
> Split things out into two different files if you really need to do this.
What about the static functions that I'll need to turn non-static and
in a header file?
I mean, the functions that the functions in the new file will have to call.
Should I do that, turn static functions into non-static and declared
in a header file?
>
> thanks,
>
> greg k-h
--
Daniel Gutson
Engineering Director
Eclypsium, Inc.
Below The Surface: Get the latest threat research and insights on
firmware and supply chain threats from the research team at Eclypsium.
https://eclypsium.com/research/#threatreport
Powered by blists - more mailing lists