lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Thu, 16 Sep 2021 15:50:30 +0300
From:   Dan Carpenter <dan.carpenter@...cle.com>
To:     "Fabio M. De Francesco" <fmdefrancesco@...il.com>
Cc:     Larry Finger <Larry.Finger@...inger.net>,
        Phillip Potter <phil@...lpotter.co.uk>,
        Greg Kroah-Hartman <gregkh@...uxfoundation.org>,
        Pavel Skripkin <paskripkin@...il.com>,
        linux-staging@...ts.linux.dev, linux-kernel@...r.kernel.org,
        David Laight <david.Laight@...lab.com>
Subject: Re: [PATCH v6 16/19] staging: r8188eu: Clean up rtw_read*() and
 rtw_write*()

On Thu, Sep 16, 2021 at 02:14:14PM +0200, Fabio M. De Francesco wrote:
> On Thursday, September 16, 2021 1:36:06 PM CEST Dan Carpenter wrote:
> > On Wed, Sep 15, 2021 at 11:11:00PM +0200, Fabio M. De Francesco wrote:
> > > Clean up rtw_read{8,16,32}() and rtw_write{8,16,32,N}() in 
> usb_ops_linux.c.
> > > 
> > 
> > It would be good to know what you did more specifically.
> > 
> > 1) Rename variables:
> > 	pio_priv => io_priv
> > 	pintfhdl => intfhdl
> > 	wvalue => address.
> > 2) Remove unnecessary casts.
> > 3) Fix types.  Use __le16 instead of __le32.
> 
> Dear Dan,
> 
> I'm sorry for missing that. :( 
> 
> Now I remember that you asked for this specifications at least once (if not 
> twice). I'll redo the commit message and add the list above in v7. I guess 
> that I have to do the same in 15/19.
> 
> > The last one is a small KASan bug fix.  So good job on that.
> 
> Thanks (even if I don't yet know anything about KASan).
> 
> > > Co-developed-by: Pavel Skripkin <paskripkin@...il.com>
> > > Signed-off-by: Pavel Skripkin <paskripkin@...il.com>
> > > Signed-off-by: Fabio M. De Francesco <fmdefrancesco@...il.com>
> > > ---
> > >  drivers/staging/r8188eu/hal/usb_ops_linux.c | 68 ++++++++++-----------
> > >  1 file changed, 34 insertions(+), 34 deletions(-)
> > > 
> > > diff --git a/drivers/staging/r8188eu/hal/usb_ops_linux.c b/drivers/
> staging/r8188eu/hal/usb_ops_linux.c
> > > index 2098ce935dc0..d87da84eca07 100644
> > > --- a/drivers/staging/r8188eu/hal/usb_ops_linux.c
> > > +++ b/drivers/staging/r8188eu/hal/usb_ops_linux.c
> > > @@ -91,91 +91,91 @@ static int usbctrl_vendorreq(struct intf_hdl 
> *intfhdl, u16 value, void *data, u1
> > >  
> > >  u8 rtw_read8(struct adapter *adapter, u32 addr)
> > >  {
> > > -	struct io_priv *pio_priv = &adapter->iopriv;
> > > -	struct intf_hdl *pintfhdl = &pio_priv->intf;
> > > -	u16 wvalue = (u16)(addr & 0x0000ffff);
> > > +	struct io_priv *io_priv = &adapter->iopriv;
> > > +	struct intf_hdl *intfhdl = &io_priv->intf;
> > > +	u16 address = addr & 0xffff;
> > >  	u8 data;
> > > -
> > 
> > Deleting this line introduces a checkpatch warning.
> 
> I didn't notice the warning. This too will be fixed in v7.
> 
> > > -	usbctrl_vendorreq(pintfhdl, wvalue, &data, 1, 
> REALTEK_USB_VENQT_READ);
> > > +	usbctrl_vendorreq(intfhdl, address, &data, 1, 
> REALTEK_USB_VENQT_READ);
> > >  
> > >  	return data;
> > >  }
> > >  
> > >  u16 rtw_read16(struct adapter *adapter, u32 addr)
> > >  {
> > > -	struct io_priv *pio_priv = &adapter->iopriv;
> > > -	struct intf_hdl *pintfhdl = &pio_priv->intf;
> > > -	u16 wvalue = (u16)(addr & 0x0000ffff);
> > > -	__le32 data;
> > > +	struct io_priv *io_priv = &adapter->iopriv;
> > > +	struct intf_hdl *intfhdl = &io_priv->intf;
> > > +	u16 address = addr & 0xffff;
> > > +	__le16 data;
> > >  
> > > -	usbctrl_vendorreq(pintfhdl, wvalue, &data, 2, 
> REALTEK_USB_VENQT_READ);
> > > +	usbctrl_vendorreq(intfhdl, address, &data, 2, 
> REALTEK_USB_VENQT_READ);
> > >  
> > > -	return (u16)(le32_to_cpu(data) & 0xffff);
> > > +	return le16_to_cpu(data);
> > 
> > The last two bytes of "data" are not initialized.  I do not think that
> > will cause a bug on either endian type of system during runtime but I
> > this that KASan will catch it and complain.
> 
> I don't want to add mistakes on mistakes. I guess that you are talking of the 
> same fix you wrote above and that "return le16_to_cpu(data);" is correct.
> Am I interpreting your words in the correct way?
>  

In the original code the last two bytes of "data" were uninitialized.
KASan will spot this as a bug, but it doesn't affect runtime because we
mask away those bytes anyway.

> > >  }
> > >  
> > >  u32 rtw_read32(struct adapter *adapter, u32 addr)
> > >  {
> > > -	struct io_priv *pio_priv = &adapter->iopriv;
> > > -	struct intf_hdl *pintfhdl = &pio_priv->intf;
> > > -	u16 wvalue = (u16)(addr & 0x0000ffff);
> > > +	struct io_priv *io_priv = &adapter->iopriv;
> > > +	struct intf_hdl *intfhdl = &io_priv->intf;
> > > +	u16 address = addr & 0xffff;
> > >  	__le32 data;
> > >  
> > > -	usbctrl_vendorreq(pintfhdl, wvalue, &data, 4, 
> REALTEK_USB_VENQT_READ);
> > > +	usbctrl_vendorreq(intfhdl, address, &data, 4, 
> REALTEK_USB_VENQT_READ);
> > >  
> > >  	return le32_to_cpu(data);
> > >  }
> > >  
> > >  int rtw_write8(struct adapter *adapter, u32 addr, u8 val)
> > >  {
> > > -	struct io_priv *pio_priv = &adapter->iopriv;
> > > -	struct intf_hdl *pintfhdl = &pio_priv->intf;
> > > -	u16 wvalue = (u16)(addr & 0x0000ffff);
> > > +	struct io_priv *io_priv = &adapter->iopriv;
> > > +	struct intf_hdl *intfhdl = &io_priv->intf;
> > > +	u16 address = addr & 0xffff;
> > >  	int ret;
> > >  
> > > -	ret = usbctrl_vendorreq(pintfhdl, wvalue, &val, 1, 
> REALTEK_USB_VENQT_WRITE);
> > > +	ret = usbctrl_vendorreq(intfhdl, address, &val, 1, 
> REALTEK_USB_VENQT_WRITE);
> > >  
> > >  	return RTW_STATUS_CODE(ret);
> > >  }
> > >  
> > >  int rtw_write16(struct adapter *adapter, u32 addr, u16 val)
> > >  {
> > > -	struct io_priv *pio_priv = &adapter->iopriv;
> > > -	struct intf_hdl *pintfhdl = &pio_priv->intf;
> > > -	u16 wvalue = (u16)(addr & 0x0000ffff);
> > > -	__le32 data = cpu_to_le32(val & 0x0000ffff);
> > > +	struct io_priv *io_priv = &adapter->iopriv;
> > > +	struct intf_hdl *intfhdl = &io_priv->intf;
> > > +	__le16 data = cpu_to_le16(val);
> > 
> > This is the other interesting change.  I think the original code works
> > though.
> 
> Here too, I'm a bit confused... Do yo prefer the original code or you're 
> saying that, although the original code works fine, I made the correct choice 
> in changing it? Can you please confirm?
> 

Yeah.  The original code was buggy but it still worked fine.  Ideally
this kind of logic fix would be in a separate patch from the other
"rename a variable" changes.

regards,
dan carpenter

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ