lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <YVsLxHMCdXf4vS+i@sirena.org.uk>
Date:   Mon, 4 Oct 2021 15:12:20 +0100
From:   Mark Brown <broonie@...nel.org>
To:     Jason Gunthorpe <jgg@...pe.ca>
Cc:     Lino Sanfilippo <LinoSanfilippo@....de>, f.fainelli@...il.com,
        rjui@...adcom.com, sbranden@...adcom.com,
        bcm-kernel-feedback-list@...adcom.com, nsaenz@...nel.org,
        linux-spi@...r.kernel.org, linux-rpi-kernel@...ts.infradead.org,
        linux-arm-kernel@...ts.infradead.org, linux-kernel@...r.kernel.org,
        p.rosenberger@...bus.com, linux-integrity@...r.kernel.org,
        stable@...r.kernel.org
Subject: Re: [PATCH] spi: bcm2835: do not unregister controller in shutdown
 handler

On Mon, Oct 04, 2021 at 10:17:56AM -0300, Jason Gunthorpe wrote:

> Shutdown is supposed to quiet the HW so it is not doing DMAs any
> more. This is basically an 'emergency' kind of path, the HW should be
> violently stopped if available - ie clearing the bus master bits on
> PCI, for instance.

> When something like kexec happens we need the machine to be in a state
> where random DMA's are not corrupting memory.

That's all well and good but there's no point in implementing something
half baked that's opening up a whole bunch of opportunities to crash the
system if more work comes in after it's half broken the device setup.  

> Due to the emergency sort of nature it is not appropriate to do
> locking complicated sorts of things like struct device unregistrations
> here.

That's just not what's actually implemented in a bunch of places, nor
something one would infer from the documentation ("Called at shut-down
to quiesce the device", no mention of emergency cases which I'd guess
would just be kdump) - there's a bunch of locks in shutdown paths, and
drivers on sleeping buses with shutdown callbacks.  Never mind the few
of them that use a shutdown callback to power the system down, though
that's a different thing and definitely abusing the API.  I would guess
that a good proportion of people implementing it are more worried about
clean system shutdown than they are about kdump.

Download attachment "signature.asc" of type "application/pgp-signature" (489 bytes)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ