lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date:   Thu, 1 Jul 2021 09:34:14 +0200
From:   Arnaud POULIQUEN <arnaud.pouliquen@...s.st.com>
To:     Mathieu Poirier <mathieu.poirier@...aro.org>
CC:     Bjorn Andersson <bjorn.andersson@...aro.org>,
        Ohad Ben-Cohen <ohad@...ery.com>,
        <linux-remoteproc@...r.kernel.org>, <linux-kernel@...r.kernel.org>,
        <linux-stm32@...md-mailman.stormreply.com>, <julien.massot@....bzh>
Subject: Re: [PATCH v2 3/4] rpmsg: char: Add possibility to use default
 endpoint of the rpmsg device.

Hello Mathieu,

On 6/30/21 10:48 PM, Mathieu Poirier wrote:
> On Wed, Jun 23, 2021 at 05:05:03PM +0200, Arnaud Pouliquen wrote:
>> Current implementation create/destroy a new endpoint on each
>> rpmsg_eptdev_open/rpmsg_eptdev_release calls.
>>
>> For a rpmsg device created by the NS announcement mechanism we need to
>> use a unique static endpoint that is the default rpmsg device endpoint
>> associated to the channel.
>>
>> This patch prepares the introduction of a rpmsg channel device for the
>> char device. The rpmsg channel device will require a default endpoint to
>> communicate to the remote processor.
>>
>> Add the static_ept field in rpmsg_eptdev structure. This boolean
>> determines the behavior on rpmsg_eptdev_open and rpmsg_eptdev_release call.
>>
>> - If static_ept == false:
>>   Use the legacy behavior by creating a new endpoint each time
>>   rpmsg_eptdev_open is called and release it when rpmsg_eptdev_release
>>   is called on /dev/rpmsgX device open/close.
>>
>> - If static_ept == true:
>>   use the rpmsg device default endpoint for the communication.
>> - Address the update of _rpmsg_chrdev_eptdev_create in e separate patch for readability.
>>
>> Add protection in rpmsg_eptdev_ioctl to prevent to destroy a default endpoint.
>>
>> Signed-off-by: Arnaud Pouliquen <arnaud.pouliquen@...s.st.com>
>> ---
>> update vs V1:
>> - remove the management of the default endpoint creation from rpmsg_eptdev_open.
>>
>> ---
>>  drivers/rpmsg/rpmsg_char.c | 21 +++++++++++++++++++--
>>  1 file changed, 19 insertions(+), 2 deletions(-)
>>
>> diff --git a/drivers/rpmsg/rpmsg_char.c b/drivers/rpmsg/rpmsg_char.c
>> index 50b7d4b00175..a75dce1e29d8 100644
>> --- a/drivers/rpmsg/rpmsg_char.c
>> +++ b/drivers/rpmsg/rpmsg_char.c
>> @@ -45,6 +45,8 @@ static DEFINE_IDA(rpmsg_minor_ida);
>>   * @queue_lock:	synchronization of @queue operations
>>   * @queue:	incoming message queue
>>   * @readq:	wait object for incoming queue
>> + * @static_ept: specify if the endpoint has to be created at each device opening or
>> + *              if the default endpoint should be used.
>>   */
>>  struct rpmsg_eptdev {
>>  	struct device dev;
>> @@ -59,6 +61,8 @@ struct rpmsg_eptdev {
>>  	spinlock_t queue_lock;
>>  	struct sk_buff_head queue;
>>  	wait_queue_head_t readq;
>> +
>> +	bool static_ept;
>>  };
>>  
>>  int rpmsg_chrdev_eptdev_destroy(struct device *dev, void *data)
>> @@ -116,7 +120,15 @@ static int rpmsg_eptdev_open(struct inode *inode, struct file *filp)
>>  
>>  	get_device(dev);
>>  
>> -	ept = rpmsg_create_ept(rpdev, rpmsg_ept_cb, eptdev, eptdev->chinfo);
>> +	/*
>> +	 * If the static_ept is set to true, the rpmsg device default endpoint is used.
>> +	 * Else a new endpoint is created on open that will be destroyed on release.
>> +	 */
>> +	if (eptdev->static_ept)
>> +		ept = rpdev->ept;
>> +	else
>> +		ept = rpmsg_create_ept(rpdev, rpmsg_ept_cb, eptdev, eptdev->chinfo);
>> +
>>  	if (!ept) {
>>  		dev_err(dev, "failed to open %s\n", eptdev->chinfo.name);
>>  		put_device(dev);
>> @@ -137,7 +149,8 @@ static int rpmsg_eptdev_release(struct inode *inode, struct file *filp)
>>  	/* Close the endpoint, if it's not already destroyed by the parent */
>>  	mutex_lock(&eptdev->ept_lock);
>>  	if (eptdev->ept) {
>> -		rpmsg_destroy_ept(eptdev->ept);
>> +		if (!eptdev->static_ept)
>> +			rpmsg_destroy_ept(eptdev->ept);
>>  		eptdev->ept = NULL;
>>  	}
>>  	mutex_unlock(&eptdev->ept_lock);
>> @@ -264,6 +277,10 @@ static long rpmsg_eptdev_ioctl(struct file *fp, unsigned int cmd,
>>  	if (cmd != RPMSG_DESTROY_EPT_IOCTL)
>>  		return -EINVAL;
>>  
>> +	/* Don't allow to destroy a default endpoint. */
>> +	if (!eptdev->rpdev || eptdev->ept == eptdev->rpdev->ept)
> 
> Did you find a scenario where eptdev->rpdev would not be valid when this is
> called?  To me if this code is called __rpmsg_chrdev_eptdev_create() has setup
> the rpdev pointer and therefore it will be valid.
> 
> If there is a scenario where it is possible that eptdev->rpdev is invalid then
> please add a comment with the details.  Otherwise simply remove the first part
> of the condition.
> 
> Reviewed-by: Mathieu Poirier <mathieu.poirier@...aro.org>

Good catch!
you are right, it seems an over protection, i will verify this making a new
revision that will take into account your other remarks.

Thanks for all your advices and patchset reviews related to rpmsg_char
restructuring.

Arnaud

> 
>> +		return -EPERM;
>> +
>>  	return rpmsg_chrdev_eptdev_destroy(&eptdev->dev, NULL);
>>  }
>>  
>> -- 
>> 2.17.1
>>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ