lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <YHoKQ9qtupDhXVm3@piout.net>
Date:   Sat, 17 Apr 2021 00:05:55 +0200
From:   Alexandre Belloni <alexandre.belloni@...tlin.com>
To:     Francois Gervais <fgervais@...tech-controls.com>
Cc:     linux-rtc@...r.kernel.org, Alessandro Zummo <a.zummo@...ertech.it>,
        Michael McCormick <michael.mccormick@...tel.net>,
        linux-kernel@...r.kernel.org
Subject: Re: [PATCH 1/1] rtc: pcf85063: add integrity check

Hi,

On 11/03/2021 12:49:40-0500, Francois Gervais wrote:
> Sometimes when the RTC battery is inserted, the voltage will bounce a
> bit and we've seen that this can randomly flip configuration bits in
> the RTC.
> 
> For example, we've seen COF bits flips and then the output clock
> frequency would not be the expected one anymore.
> 
> To remediate this issue, this adds an optional feature where if the OS
> bit it set on boot, it's possibly because the RTC lost power and again
> possibly because a new battery has been inserted. In that case, it
> reapplies defaults to configuration registers.
> 
> Signed-off-by: Francois Gervais <fgervais@...tech-controls.com>
> ---
>  drivers/rtc/rtc-pcf85063.c | 54 ++++++++++++++++++++++++++++++++++++++
>  1 file changed, 54 insertions(+)
> 
> diff --git a/drivers/rtc/rtc-pcf85063.c b/drivers/rtc/rtc-pcf85063.c
> index 463991c74fdd..774cc4cf93d8 100644
> --- a/drivers/rtc/rtc-pcf85063.c
> +++ b/drivers/rtc/rtc-pcf85063.c
> @@ -57,6 +57,10 @@
>  #define PCF85063_REG_ALM_S		0x0b
>  #define PCF85063_AEN			BIT(7)
>  
> +static bool integrity_check;
> +module_param(integrity_check, bool, 0444);
> +MODULE_PARM_DESC(integrity_check, "Set to one to enable the integrity check.");
> +
>  struct pcf85063_config {
>  	struct regmap_config regmap;
>  	unsigned has_alarms:1;
> @@ -357,6 +361,49 @@ static int pcf85063_load_capacitance(struct pcf85063 *pcf85063,
>  				  PCF85063_REG_CTRL1_CAP_SEL, reg);
>  }
>  
> +static int pcf85063_check_integrity(struct pcf85063 *pcf85063)
> +{
> +	int err;
> +	unsigned int val;
> +
> +	err = regmap_read(pcf85063->regmap, PCF85063_REG_SC, &val);
> +	if (err < 0) {
> +		dev_warn(&pcf85063->rtc->dev, "failed to read OS bit: %d",
> +			 err);
> +		return err;
> +	}
> +
> +	if (!(val & PCF85063_REG_SC_OS)) {
> +		dev_dbg(&pcf85063->rtc->dev, "integrity is ok\n");
> +		return 0;
> +	}
> +
> +	dev_dbg(&pcf85063->rtc->dev, "Power loss detected, restoring defaults\n");
> +	err = regmap_update_bits(pcf85063->regmap, PCF85063_REG_CTRL1,
> +				 (unsigned int)~PCF85063_REG_CTRL1_CAP_SEL, 0);
> +	if (err < 0)
> +		goto err_restore;
> +
> +	err = regmap_write(pcf85063->regmap, PCF85063_REG_CTRL2, 0);
> +	if (err < 0)
> +		goto err_restore;
> +
> +	err = regmap_write(pcf85063->regmap, PCF85063_REG_OFFSET, 0);
> +	if (err < 0)
> +		goto err_restore;
> +
> +	err = regmap_write(pcf85063->regmap, PCF85063_REG_RAM, 0);
> +	if (err < 0)
> +		goto err_restore;
> +

I'm not sure I get the use case because PCF85063_REG_CTRL2 should be
initialized properly after the driver is probed anyway. The other two
can be set from userspace once it detects the oscillator failure which
would be better at deciding the policy anyway.

-- 
Alexandre Belloni, co-owner and COO, Bootlin
Embedded Linux and Kernel engineering
https://bootlin.com

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ