lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Mon, 5 Jul 2021 11:45:39 +0800
From:   Jie Deng <jie.deng@...el.com>
To:     Viresh Kumar <viresh.kumar@...aro.org>
Cc:     linux-i2c@...r.kernel.org,
        virtualization@...ts.linux-foundation.org,
        linux-kernel@...r.kernel.org, wsa@...nel.org,
        wsa+renesas@...g-engineering.com, mst@...hat.com, arnd@...db.de,
        jasowang@...hat.com, andriy.shevchenko@...ux.intel.com,
        yu1.wang@...el.com, shuo.a.liu@...el.com, conghui.chen@...el.com,
        stefanha@...hat.com
Subject: Re: [PATCH v12] i2c: virtio: add a virtio i2c frontend driver


On 2021/7/5 10:40, Viresh Kumar wrote:
> I think we missed the first deadline for 5.14-rc1 as Wolfram should be out of
> office now. Anyway lets make sure we fix all the pending bits before he is back
> and see if we can still pull it off by rc2.
>
> On 02-07-21, 16:46, Jie Deng wrote:
>> diff --git a/drivers/i2c/busses/i2c-virtio.c b/drivers/i2c/busses/i2c-virtio.c
>> +static int virtio_i2c_send_reqs(struct virtqueue *vq,
> It would be better to rename this to virtio_i2c_prepare_reqs instead, as this
> doesn't send anything.


That's a better name. I'm OK with that.


>
>> +				struct virtio_i2c_req *reqs,
>> +				struct i2c_msg *msgs, int nr)
>> +{
>> +	struct scatterlist *sgs[3], out_hdr, msg_buf, in_hdr;
>> +	int i, outcnt, incnt, err = 0;
>> +
>> +	for (i = 0; i < nr; i++) {
>> +		/*
>> +		 * Only 7-bit mode supported for this moment. For the address format,
>> +		 * Please check the Virtio I2C Specification.
>> +		 */
>> +		reqs[i].out_hdr.addr = cpu_to_le16(msgs[i].addr << 1);
>> +
>> +		if (i != nr - 1)
>> +			reqs[i].out_hdr.flags = cpu_to_le32(VIRTIO_I2C_FLAGS_FAIL_NEXT);
>> +
>> +		outcnt = incnt = 0;
>> +		sg_init_one(&out_hdr, &reqs[i].out_hdr, sizeof(reqs[i].out_hdr));
>> +		sgs[outcnt++] = &out_hdr;
>> +
>> +		if (msgs[i].len) {
>> +			reqs[i].buf = i2c_get_dma_safe_msg_buf(&msgs[i], 1);
>> +			if (!reqs[i].buf)
>> +				break;
>> +
>> +			sg_init_one(&msg_buf, reqs[i].buf, msgs[i].len);
>> +
>> +			if (msgs[i].flags & I2C_M_RD)
>> +				sgs[outcnt + incnt++] = &msg_buf;
>> +			else
>> +				sgs[outcnt++] = &msg_buf;
>> +		}
>> +
>> +		sg_init_one(&in_hdr, &reqs[i].in_hdr, sizeof(reqs[i].in_hdr));
>> +		sgs[outcnt + incnt++] = &in_hdr;
>> +
>> +		err = virtqueue_add_sgs(vq, sgs, outcnt, incnt, &reqs[i], GFP_KERNEL);
>> +		if (err < 0) {
>> +			i2c_put_dma_safe_msg_buf(reqs[i].buf, &msgs[i], false);
>> +			break;
>> +		}
>> +	}
>> +
>> +	return i;
>> +}
> The right way of doing this is is making this function return - Error on failure
> and 0 on success. There is no point returning number of successful additions
> here.


We need the number for virtio_i2c_complete_reqs to do cleanup. We don't 
have to

do cleanup "num" times every time. Just do it as needed.


>
> Moreover, on failures this needs to clean up (free the dmabufs) itself, just
> like you did i2c_put_dma_safe_msg_buf() at the end. The caller shouldn't be
> required to handle the error cases by freeing up resources.


This function will return the number of requests being successfully 
prepared and make sure

resources of the failed request being freed. And 
virtio_i2c_complete_reqs will free the

resources of those successful request.


>> +static int virtio_i2c_complete_reqs(struct virtqueue *vq,
>> +				    struct virtio_i2c_req *reqs,
>> +				    struct i2c_msg *msgs, int nr,
>> +				    bool fail)
>> +{
>> +	struct virtio_i2c_req *req;
>> +	bool failed = fail;
>> +	unsigned int len;
>> +	int i, j = 0;
>> +
>> +	for (i = 0; i < nr; i++) {
>> +		/* Detach the ith request from the vq */
>> +		req = virtqueue_get_buf(vq, &len);
>> +
>> +		/*
>> +		 * Condition (req && req == &reqs[i]) should always meet since
>> +		 * we have total nr requests in the vq.
>> +		 */
>> +		if (!failed && (WARN_ON(!(req && req == &reqs[i])) ||
>> +		    (req->in_hdr.status != VIRTIO_I2C_MSG_OK)))
> What about writing this as:
>
> 		if (!failed && (WARN_ON(req != &reqs[i]) ||
> 		    (req->in_hdr.status != VIRTIO_I2C_MSG_OK)))
>
> We don't need to check req here since if req is NULL, we will not do req->in_hdr
> at all.


It's right here just because the &reqs[i] will never be NULL in our 
case. But if you see

"virtio_i2c_complete_reqs" as an independent function, you need to check the

req. From the perspective of the callee, you can't ask the caller always 
give you

the non-NULL parameters. And some tools may give warnings.


>> +			failed = true;
>> +
>> +		i2c_put_dma_safe_msg_buf(reqs[i].buf, &msgs[i], !failed);
>> +		if (!failed)
>> +			++j;
>> +	}
>> +
>> +	return (fail ? -ETIMEDOUT : j);
>> +}
>> +

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ