lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <20211118181643.GB3320814@roeck-us.net>
Date:   Thu, 18 Nov 2021 10:16:43 -0800
From:   Guenter Roeck <linux@...ck-us.net>
To:     Dan Carpenter <dan.carpenter@...cle.com>
Cc:     MyungJoo Ham <myungjoo.ham@...sung.com>,
        Chanwoo Choi <cw00.choi@...sung.com>,
        Sebastian Reichel <sre@...nel.org>,
        Chen-Yu Tsai <wens@...e.org>,
        Hans de Goede <hdegoede@...hat.com>,
        Felipe Balbi <balbi@...nel.org>,
        Greg Kroah-Hartman <gregkh@...uxfoundation.org>,
        Heikki Krogerus <heikki.krogerus@...ux.intel.com>,
        linux-kernel@...r.kernel.org, linux-pm@...r.kernel.org,
        linux-usb@...r.kernel.org, linux-omap@...r.kernel.org,
        kernel-janitors@...r.kernel.org
Subject: Re: [PATCH] extcon: fix extcon_get_extcon_dev() error handling

On Thu, Nov 18, 2021 at 05:51:35PM +0300, Dan Carpenter wrote:
> On Thu, Nov 18, 2021 at 06:22:58AM -0800, Guenter Roeck wrote:
> > On 11/18/21 3:32 AM, Dan Carpenter wrote:
> > > The extcon_get_extcon_dev() function returns error pointers on error
> > > and NULL when it's a -EPROBE_DEFER defer situation.  There are eight
> > > callers and only two of them handled this correctly.  In the other
> > > callers an error pointer return would lead to a crash.
> > > 
> > > What prevents crashes is that errors can only happen in the case of
> > > a bug in the caller or if CONFIG_EXTCON is disabled.  Six out of
> > > eight callers use the Kconfig to either depend on or select
> > > CONFIG_EXTCON.  Thus the real life impact of these bugs is tiny.
> > > 
> > > Signed-off-by: Dan Carpenter <dan.carpenter@...cle.com>
> > > ---
> > > The two callers where the drivers can be built without CONFIG_EXTCON
> > > are TYPEC_FUSB302 and CHARGER_MAX8997.
> > > 
> > [ ... ]
> > > diff --git a/drivers/usb/typec/tcpm/fusb302.c b/drivers/usb/typec/tcpm/fusb302.c
> > > index 7a2a17866a82..8594b59bd527 100644
> > > --- a/drivers/usb/typec/tcpm/fusb302.c
> > > +++ b/drivers/usb/typec/tcpm/fusb302.c
> > > @@ -1706,8 +1706,8 @@ static int fusb302_probe(struct i2c_client *client,
> > >   	 */
> > >   	if (device_property_read_string(dev, "linux,extcon-name", &name) == 0) {
> > >   		chip->extcon = extcon_get_extcon_dev(name);
> > > -		if (!chip->extcon)
> > > -			return -EPROBE_DEFER;
> > > +		if (IS_ERR(chip->extcon))
> > > +			return PTR_ERR(chip->extcon);
> > 
> > Why does the code not need to return -EPROBE_DEFER ? The description states
> > that NULL is returned in that situation. Doesn't that mean that defer situations
> > are no longer handled with this patch in place ?
> 
> I'm not sure I understand what you are saying here.  In the original
> code, extcon_get_extcon_dev() would return NULL and relied on the
> callers to change NULL into a -EPROBE_DEFER.  If extcon_get_extcon_dev()
> returned ERR_PTR(-EINVAL) (which is impossible as mentioned) the it
> would lead to a crash.
> 
> In the new code, the extcon_get_extcon_dev() function returns
> -EPROBE_DEFER directly so the caller code is much simpler.
> 
Misunderstanding on my side. I didn't get that extcon_get_extcon_dev()
now returns -EPROBE_DEFER.

> > 
> > Also, with this patch in place, the code will no longer work if extcon is disabled,
> > because extcon_get_extcon_dev() will return -ENODEV and the above code will bail out.
> > The behavior of the code wasn't optimal in that case (it would wait until timeout
> > in tcpm_get_current_limit() before returning), but at least it didn't fail.
> 
> Huh.  You are right.  Initialy I thought that tcpm_get_current_limit()
> would crash.  This is one of the two drivers which I mentioned that can
> be built without CONFIG_EXTCON.
> 
> I will modify the version of extcon_get_extcon_dev() where CONFIG_EXTCON
> is disabled to return NULL.  That is the standard/correct way to write
> these.  That will turn tcpm_get_current_limit() into a no-op.
> 
> A belt and suspenders approach might be to modify the Kconfig so this
> driver selects CONFIG_EXTCON.
> 

That would pull in unnecessary extra code, though, if the driver is supposed
to be able to work without it.

Thanks,
Guenter

> regards,
> dan carpenter
>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ