lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <7685a109-99fd-8b41-6911-5eba8924c0d6@redhat.com>
Date:   Mon, 13 Feb 2023 12:17:12 +0100
From:   Hans de Goede <hdegoede@...hat.com>
To:     Kai-Heng Feng <kai.heng.feng@...onical.com>,
        ktsai@...ellamicro.com, jic23@...nel.org, lars@...afoo.de
Cc:     linux-iio@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH v2] iio: light: cm32181: Unregister second I2C client if
 present

Hi,

Thank you for working on this, some remarks inline.

On 2/8/23 08:21, Kai-Heng Feng wrote:
> If a second client that talks to the actual I2C address was created in
> probe(), there should be a corresponding cleanup in remove() to avoid
> leakage.
> 
> So if the "client" is not the same one used by I2C core, unregister it
> accordingly.
> 
> Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=2152281
> Fixes: c1e62062ff54 ("iio: light: cm32181: Handle CM3218 ACPI devices with 2 I2C resources")
> Signed-off-by: Kai-Heng Feng <kai.heng.feng@...onical.com>
> ---
> v2:
>  - Use devm_add_action_or_reset() instead of remove() callback to avoid
>    race.
> 
>  drivers/iio/light/cm32181.c | 16 ++++++++++++++++
>  1 file changed, 16 insertions(+)
> 
> diff --git a/drivers/iio/light/cm32181.c b/drivers/iio/light/cm32181.c
> index b1674a5bfa368..a3e5f56101c9f 100644
> --- a/drivers/iio/light/cm32181.c
> +++ b/drivers/iio/light/cm32181.c
> @@ -429,6 +429,16 @@ static const struct iio_info cm32181_info = {
>  	.attrs			= &cm32181_attribute_group,
>  };
>  
> +static void cm32181_disable(void *data)
> +{
> +	struct i2c_client *client = data;
> +	struct cm32181_chip *cm32181 = iio_priv(i2c_get_clientdata(client));
> +
> +	/* Unregister the dummy client */
> +	if (cm32181->client != client)
> +		i2c_unregister_device(cm32181->client);
> +}
> +
>  static int cm32181_probe(struct i2c_client *client)
>  {
>  	struct device *dev = &client->dev;
> @@ -479,6 +489,12 @@ static int cm32181_probe(struct i2c_client *client)
>  		return ret;
>  	}
>  
> +	ret = devm_add_action_or_reset(dev, cm32181_disable, client);
> +	if (ret) {
> +		dev_err(dev, "%s: add devres action failed\n", __func__);
> +		return ret;
> +	}
> +

This is too late, we will still exit without unregistering the client if
the cm32181_reg_init() call fails.

It would be best to do this directly after the i2c_acpi_new_device()
call, so inside the "if (ACPI_HANDLE(dev) && client->addr == SMBUS_ALERT_RESPONSE_ADDRESS) {"
block.

This way you can also remove the "if (cm32181->client != client)"
check from cm32181_disable() since it now only runs when the client
was registered in the first place.

Also please rename cm32181_disable() to cm32181_unregister_dummy_client()
so that the name actually matches what it does.

Regards,

Hans





>  	ret = devm_iio_device_register(dev, indio_dev);
>  	if (ret) {
>  		dev_err(dev, "%s: regist device failed\n", __func__);

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ