lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <X85O9GoDcbiDp97j@localhost>
Date:   Mon, 7 Dec 2020 16:49:08 +0100
From:   Johan Hovold <johan@...nel.org>
To:     Marc Zyngier <maz@...nel.org>
Cc:     Johan Hovold <johan@...nel.org>, linux-usb@...r.kernel.org,
        linux-gpio@...r.kernel.org, linux-kernel@...r.kernel.org,
        Linus Walleij <linus.walleij@...aro.org>,
        Bartosz Golaszewski <bgolaszewski@...libre.com>,
        Greg Kroah-Hartman <gregkh@...uxfoundation.org>,
        kernel-team@...roid.com
Subject: Re: [PATCH 0/4] USB: ftdio_sio: GPIO validity fixes

On Mon, Dec 07, 2020 at 03:34:23PM +0000, Marc Zyngier wrote:
> On 2020-12-07 15:08, Johan Hovold wrote:
> > On Mon, Dec 07, 2020 at 02:41:03PM +0000, Marc Zyngier wrote:
> >> On 2020-12-07 14:01, Johan Hovold wrote:
> >> > On Fri, Dec 04, 2020 at 04:47:35PM +0000, Marc Zyngier wrote:
> >> >> Having recently tried to use the CBUS GPIOs that come thanks to the
> >> >> ftdio_sio driver, it occurred to me that the driver has a couple of
> >> >> usability issues:
> >> >>
> >> >> - it advertises potential GPIOs that are reserved to other uses (LED
> >> >>   control, or something else)
> >> >
> >> > Consider the alternative, that the gpio offsets (for CBUS0, CBUS1,
> >> > CBUS2
> >> > or CBUS4) varies depending on how the pins have been muxed. Hardly very
> >> > user friendly.
> >> 
> >> That's not what I suggest. If you want fixed GPIO offsets, fine by me.
> >> But telling the user "these are GPIOs you can use", and then
> >> "on second though, you can't" is not exactly consistent.
> > 
> > It's really no different from any other gpio chip which registers all
> > its lines, including those which may have been muxed for other 
> > purposes.
> 
> If they claim that their lines are available, and then refuse to
> let the user play with it, that's just a bug willing to be fixed.

My point was that this is how *all* gpio drivers work, and that muxing
is somewhat orthogonal to the gpio controller implementation.

Not sure how you would even "fix" that since muxing can often be changed
at runtime while the number of lines is typically a hardware feature
(which we report to the user). The resource is still there but it may
not be available for use.

> >> >> - it returns an odd error (-ENODEV), instead of the expected -EINVAL
> >> >>   when a line is unavailable, leading to a difficult diagnostic
> >> >
> >> > Hmm, maybe. Several gpio driver return -ENODEV when trying to request
> >> > reserved pins. Even gpiolib returns -ENODEV when a pins is not yet
> >> > available due to probe deferal.
> >> 
> >> -ENODEV really means "no GPIOchip" in this context. The fact that
> >> other drivers return -ENODEV for reserved pins looks like a bug to me.
> > 
> > No, the chip is there. The -ENODEV is what you get when requesting the
> > line, because the line isn't available.
> 
> I still believe that ENODEV is the wrong error. The device is there,
> but the request is invalid because the line is used by something else.
> EINVAL, EBUSY, ENXIO would all be (sort of) OK.

Fair enough.

> >> > -EBUSY could also be an alternative, but that's used to indicate that a
> >> > line is already in use as a gpio.
> >> 
> >> Or something else. Which is exactly the case, as it's been allocated
> >> to another function.
> > 
> > Right, there are invalid requests (e.g. requesting line five of a four
> > line chip), lines that are already in use, and lines not available due
> > to muxing.
> > 
> > And then there's the question of whether to use the same or distinct
> > errnos for these. I believe using distinct errnos provides more
> > feedback, but we can certainly pick another errno for this if it's
> > really that confusing.
> 
> Fundamentally, I don't think the backend driver should be in charge
> of the error reporting. That should be the char device's job. Leaving it
> to the individual drivers is a sure way to have an inconsistent API.

I agree, and your valid-mask approach takes care of the static mux-
configuration case nicely.

Johan

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ