| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <8825f20c-7e58-c44e-fa7a-bca811add5a1@collabora.com>
Date: Fri, 23 Apr 2021 12:48:01 +0200
From: Enric Balletbo i Serra <enric.balletbo@...labora.com>
To: Greg Kroah-Hartman <gregkh@...uxfoundation.org>,
linux-kernel@...r.kernel.org
Cc: Qiushi Wu <wu000273@....edu>, Mathew King <mathewk@...omium.org>,
Benson Leung <bleung@...omium.org>,
Rushikesh S Kadam <rushikesh.s.kadam@...el.com>
Subject: Re: [PATCH 025/190] Revert "platform/chrome: cros_ec_ishtp: Fix a
double-unlock issue"
Hi Greg,
Many thanks for the patchset and notice us to take attention about these patches.
On 21/4/21 14:58, Greg Kroah-Hartman wrote:
> This reverts commit aaa3cbbac326c95308e315f1ab964a3369c4d07d.
>
> Commits from @umn.edu addresses have been found to be submitted in "bad
> faith" to try to test the kernel community's ability to review "known
> malicious" changes. The result of these submissions can be found in a
> paper published at the 42nd IEEE Symposium on Security and Privacy
> entitled, "Open Source Insecurity: Stealthily Introducing
> Vulnerabilities via Hypocrite Commits" written by Qiushi Wu (University
> of Minnesota) and Kangjie Lu (University of Minnesota).
>
> Because of this, all submissions from this group must be reverted from
> the kernel tree and will need to be re-reviewed again to determine if
> they actually are a valid fix. Until that work is complete, remove this
> change to ensure that no problems are being introduced into the
> codebase.
>
> Cc: Qiushi Wu <wu000273@....edu>
> Cc: Mathew King <mathewk@...omium.org>
> Cc: Enric Balletbo i Serra <enric.balletbo@...labora.com>
> Signed-off-by: Greg Kroah-Hartman <gregkh@...uxfoundation.org>
I've reviewed the patch again (also double checked with people involved in this
driver) and I don't spot an obvious issue with the original patch. Without it,
on error path, the read-write sempahore used, will be released without having
held it before.
So it's IMO a valid fix that would have to be done the same way after
revert.
Please don't revert it.
Thanks,
Enric
> ---
> drivers/platform/chrome/cros_ec_ishtp.c | 4 +---
> 1 file changed, 1 insertion(+), 3 deletions(-)
>
> diff --git a/drivers/platform/chrome/cros_ec_ishtp.c b/drivers/platform/chrome/cros_ec_ishtp.c
> index f00107017318..d4f41d68232c 100644
> --- a/drivers/platform/chrome/cros_ec_ishtp.c
> +++ b/drivers/platform/chrome/cros_ec_ishtp.c
> @@ -677,10 +677,8 @@ static int cros_ec_ishtp_probe(struct ishtp_cl_device *cl_device)
>
> /* Register croc_ec_dev mfd */
> rv = cros_ec_dev_init(client_data);
> - if (rv) {
> - down_write(&init_lock);
> + if (rv)
> goto end_cros_ec_dev_init_error;
> - }
>
> return 0;
>
>
Powered by blists - more mailing lists