lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <YynIwRVglGGm1To3@hovoldconsulting.com>
Date:   Tue, 20 Sep 2022 16:05:53 +0200
From:   Johan Hovold <johan@...nel.org>
To:     Bjorn Helgaas <helgaas@...nel.org>
Cc:     Lorenzo Pieralisi <lpieralisi@...nel.org>,
        Bjorn Helgaas <bhelgaas@...gle.com>,
        Stanimir Varbanov <svarbanov@...sol.com>,
        Rob Herring <robh@...nel.org>,
        Krzysztof WilczyƄski <kw@...ux.com>,
        Andy Gross <agross@...nel.org>,
        Bjorn Andersson <bjorn.andersson@...aro.org>,
        Konrad Dybcio <konrad.dybcio@...ainline.org>,
        Manivannan Sadhasivam <mani@...nel.org>,
        Dmitry Baryshkov <dmitry.baryshkov@...aro.org>,
        linux-pci@...r.kernel.org, linux-kernel@...r.kernel.org,
        linux-arm-msm@...r.kernel.org
Subject: Re: [PATCH v2] PCI: qcom: Add support for modular builds

On Tue, Sep 20, 2022 at 08:37:54AM -0500, Bjorn Helgaas wrote:
> On Tue, Sep 20, 2022 at 10:47:56AM +0200, Johan Hovold wrote:
> > Hi Lorenzo,
> > 
> > On Thu, Jul 21, 2022 at 08:47:20AM +0200, Johan Hovold wrote:
> > > Allow the Qualcomm PCIe controller driver to be built as a module, which
> > > is useful for multi-platform kernels as well as during development.
> > > 
> > > Reviewed-by: Rob Herring <robh@...nel.org>
> > > Reviewed-by: Manivannan Sadhasivam <manivannan.sadhasivam@...aro.org>
> > > Signed-off-by: Johan Hovold <johan+linaro@...nel.org>
> > > ---
> > > 
> > > Changes in v2
> > >  - rebase on next-20220720 (adjust context)
> > >  - add Rob and Mani's reviewed-by tags
> > 
> > Have you had a change to look at this one since you got back from
> > vacation?
> > 
> > I believe this should be uncontroversial as we already have other
> > modular dwc drivers and there's no mapping of legacy INTx interrupts
> > involved.
> 
> I'm not Lorenzo, but was there a conclusive outcome to the thread at
> [1]?  The last thing I remember was that a buggy endpoint driver that
> failed to unmap all its interrupts could cause crashes if the PCIe
> controller driver was removed.

That's not so much an argument against allowing the PCIe controller
driver to be unbound as it is an argument for preventing endpoint
drivers from being unbound.

And they generally need to be able to unbind due to hotplugging, right?

> Making the driver modular is essential so distros can build all the
> drivers and users can load the one needed by their platform.
> 
> Making the driver removable is useful for developers but not for
> users, so I don't see it as essential.  Developers are in the business
> of developing and can easily carry a trivial out-of-tree patch to add
> removability if needed.

Having modular drivers that can be unloaded is a debugging feature. I
believe I already posted this quote from Linus:

	The proper thing to do (and what we _have_ done) is to say
	"unloading of modules is not supported". It's a debugging
	feature, and you literally shouldn't do it unless you are
	actively developing that module.

	https://lore.kernel.org/all/Pine.LNX.4.58.0401251054340.18932@home.osdl.org/

And no, keeping such patches out-of-tree is not an option as it prevents
sharing them with others and they will quickly bit rot.

> If removability is actually safe even if endpoint drivers aren't
> perfect, then I don't object to it.  But if it's not always safe, I
> don't think the argument that "other drivers do it" is strong.  I'd
> rather make all the drivers safe even if that means making them
> non-removable.

If we have buggy endpoint drivers we need fix them regardless. Allowing
this fundamental debugging feature will even allow developers to catch
those bugs sooner.

And this is really no different from any other type of bug in endpoint
drivers; a failure to deregister a class device on unbind would lead to
crashes due to use-after-free, etc.

> [1] https://lore.kernel.org/r/20220721195433.GA1747571@bhelgaas

Johan

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ