lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20210423162055.GE5507@sirena.org.uk>
Date:   Fri, 23 Apr 2021 17:20:55 +0100
From:   Mark Brown <broonie@...nel.org>
To:     Joe Burmeister <joe.burmeister@...tank.co.uk>
Cc:     Florian Fainelli <f.fainelli@...il.com>,
        Ray Jui <rjui@...adcom.com>,
        Scott Branden <sbranden@...adcom.com>,
        bcm-kernel-feedback-list@...adcom.com, linux-spi@...r.kernel.org,
        linux-rpi-kernel@...ts.infradead.org,
        linux-arm-kernel@...ts.infradead.org, linux-kernel@...r.kernel.org,
        nsaenz@...nel.org
Subject: Re: [PATCH] spi: bcm2835: Fix buffer overflow with CS able to go
 beyond limit.

On Fri, Apr 23, 2021 at 03:12:11PM +0100, Joe Burmeister wrote:
> On 23/04/2021 12:57, Mark Brown wrote:

> > I wouldn't expect any controller to be OK with that?  Drivers can store
> > per-client data in spi_device->controller_data which doesn't need
> > scaling (but is also not so helpful if you need to look at clients other
> > than the one you're currently controlling).

> I can see a number which certainly wouldn't. Though I don't want to
> assume that all don't.

Yeah, some won't - some do also rely on system specific assumptions
about what's possible but there's not really mechanisms for declaring
that.

> If we are happy just not letting the core expand num_chipselect that
> does stop the condition on everything.

> Any controller that can go higher without issue could them have their
> num_chipselect set to what their real limit is if this enforcement
> causes an issue.

Part of the issue here is that there has been some variation in how
num_chipselect is interpreted with regard to GPIO based chip selects
over time.  It *should* be redundant, I'm not clear why it's in the
generic bindings at all but that's lost to history AFAICT.

> >>> Not sure I follow you, if we have the overlay before
> >>> spi_register_controller() is called, how can the check there not
> >>> trigger? And if we load the overlay later when the SPI controller is
> >>> already registered, why does not spi_add_device()'s check work?

> >> I think it might be a RPI thing. I think it is merging in the overlay
> >> and giving Linux one already merged.

> > If the overlay is handled by the bootloader then from the point of view
> > of Linux there is no overlay - sounds like there's an issue in the
> > overlay, it should be overriding something that it doesn't?

> Does it matter if the final device tree was compiled like that in the
> first place or merge into that by the bootloader?

It matters in the context of a discussion of ordering between loading
the overlay and spi_register_controller() - it's clearly not loaded
afterwards.

> Of course we could just raise BCM2835_SPI_NUM_CS to 8 or more if that is
> preferred. Does seams like the dynamic solution is less favoured.

The best thing would be to have it not have a single array of chip
select specific data and instead store everything in the controller_data
that's there per-device.

Download attachment "signature.asc" of type "application/pgp-signature" (489 bytes)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ