lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-ID: <16136311.TfV2VxeR0u@mobilepool36.emlix.com>
Date:   Wed, 23 Feb 2022 12:07:48 +0100
From:   Rolf Eike Beer <eb@...ix.com>
To:     Manivannan Sadhasivam <mani@...nel.org>
Cc:     Cristian Ciocaltea <cristian.ciocaltea@...il.com>,
        Lee Jones <lee.jones@...aro.org>,
        linux-actions@...ts.infradead.org, linux-kernel@...r.kernel.org
Subject: atc260x has broken locking

When looking at this functions I found the locking to be broken for the atomic 
case (comments stripped):

static void regmap_lock_mutex(void *__mutex)
{
	struct mutex *mutex = __mutex;

	if (system_state > SYSTEM_RUNNING && irqs_disabled())
		mutex_trylock(mutex);
	else
		mutex_lock(mutex);
}

static void regmap_unlock_mutex(void *__mutex)
{
	struct mutex *mutex = __mutex;

	mutex_unlock(mutex);
}

When the mutex is already locked and the atomic context is hit then the lock 
will not be acquired, this is never noticed, and it afterwards is unlocked 
anyway.

The comment says this is inspired from i2c_in_atomic_xfer_mode() to detect the 
atomic case, but the important caller __i2c_lock_bus_helper() actually does 
check and pass on the return value of mutex_trylock(), which is missing here.

Greetings,

Eike
-- 
Rolf Eike Beer, emlix GmbH, https://www.emlix.com
Fon +49 551 30664-0, Fax +49 551 30664-11
Gothaer Platz 3, 37083 Göttingen, Germany
Sitz der Gesellschaft: Göttingen, Amtsgericht Göttingen HR B 3160
Geschäftsführung: Heike Jordan, Dr. Uwe Kracke – Ust-IdNr.: DE 205 198 055

emlix - smart embedded open source
Download attachment "signature.asc" of type "application/pgp-signature" (314 bytes)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ