| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20211118145135.GO27562@kadam>
Date: Thu, 18 Nov 2021 17:51:35 +0300
From: Dan Carpenter <dan.carpenter@...cle.com>
To: Guenter Roeck <linux@...ck-us.net>
Cc: MyungJoo Ham <myungjoo.ham@...sung.com>,
Chanwoo Choi <cw00.choi@...sung.com>,
Sebastian Reichel <sre@...nel.org>,
Chen-Yu Tsai <wens@...e.org>,
Hans de Goede <hdegoede@...hat.com>,
Felipe Balbi <balbi@...nel.org>,
Greg Kroah-Hartman <gregkh@...uxfoundation.org>,
Heikki Krogerus <heikki.krogerus@...ux.intel.com>,
linux-kernel@...r.kernel.org, linux-pm@...r.kernel.org,
linux-usb@...r.kernel.org, linux-omap@...r.kernel.org,
kernel-janitors@...r.kernel.org
Subject: Re: [PATCH] extcon: fix extcon_get_extcon_dev() error handling
On Thu, Nov 18, 2021 at 06:22:58AM -0800, Guenter Roeck wrote:
> On 11/18/21 3:32 AM, Dan Carpenter wrote:
> > The extcon_get_extcon_dev() function returns error pointers on error
> > and NULL when it's a -EPROBE_DEFER defer situation. There are eight
> > callers and only two of them handled this correctly. In the other
> > callers an error pointer return would lead to a crash.
> >
> > What prevents crashes is that errors can only happen in the case of
> > a bug in the caller or if CONFIG_EXTCON is disabled. Six out of
> > eight callers use the Kconfig to either depend on or select
> > CONFIG_EXTCON. Thus the real life impact of these bugs is tiny.
> >
> > Signed-off-by: Dan Carpenter <dan.carpenter@...cle.com>
> > ---
> > The two callers where the drivers can be built without CONFIG_EXTCON
> > are TYPEC_FUSB302 and CHARGER_MAX8997.
> >
> [ ... ]
> > diff --git a/drivers/usb/typec/tcpm/fusb302.c b/drivers/usb/typec/tcpm/fusb302.c
> > index 7a2a17866a82..8594b59bd527 100644
> > --- a/drivers/usb/typec/tcpm/fusb302.c
> > +++ b/drivers/usb/typec/tcpm/fusb302.c
> > @@ -1706,8 +1706,8 @@ static int fusb302_probe(struct i2c_client *client,
> > */
> > if (device_property_read_string(dev, "linux,extcon-name", &name) == 0) {
> > chip->extcon = extcon_get_extcon_dev(name);
> > - if (!chip->extcon)
> > - return -EPROBE_DEFER;
> > + if (IS_ERR(chip->extcon))
> > + return PTR_ERR(chip->extcon);
>
> Why does the code not need to return -EPROBE_DEFER ? The description states
> that NULL is returned in that situation. Doesn't that mean that defer situations
> are no longer handled with this patch in place ?
I'm not sure I understand what you are saying here. In the original
code, extcon_get_extcon_dev() would return NULL and relied on the
callers to change NULL into a -EPROBE_DEFER. If extcon_get_extcon_dev()
returned ERR_PTR(-EINVAL) (which is impossible as mentioned) the it
would lead to a crash.
In the new code, the extcon_get_extcon_dev() function returns
-EPROBE_DEFER directly so the caller code is much simpler.
>
> Also, with this patch in place, the code will no longer work if extcon is disabled,
> because extcon_get_extcon_dev() will return -ENODEV and the above code will bail out.
> The behavior of the code wasn't optimal in that case (it would wait until timeout
> in tcpm_get_current_limit() before returning), but at least it didn't fail.
Huh. You are right. Initialy I thought that tcpm_get_current_limit()
would crash. This is one of the two drivers which I mentioned that can
be built without CONFIG_EXTCON.
I will modify the version of extcon_get_extcon_dev() where CONFIG_EXTCON
is disabled to return NULL. That is the standard/correct way to write
these. That will turn tcpm_get_current_limit() into a no-op.
A belt and suspenders approach might be to modify the Kconfig so this
driver selects CONFIG_EXTCON.
regards,
dan carpenter
Powered by blists - more mailing lists