lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <fb7c3825-89d5-4ae2-a19f-c527b0b000b4@baylibre.com>
Date: Sun, 22 Jun 2025 11:14:20 -0500
From: David Lechner <dlechner@...libre.com>
To: Jonathan Cameron <jic23@...nel.org>
Cc: Michael Hennerich <Michael.Hennerich@...log.com>,
 Nuno Sá <nuno.sa@...log.com>,
 Andy Shevchenko <andy@...nel.org>, Rob Herring <robh@...nel.org>,
 Krzysztof Kozlowski <krzk+dt@...nel.org>, Conor Dooley
 <conor+dt@...nel.org>, Mark Brown <broonie@...nel.org>,
 linux-iio@...r.kernel.org, linux-kernel@...r.kernel.org,
 devicetree@...r.kernel.org, linux-spi@...r.kernel.org
Subject: Re: [PATCH 8/9] iio: adc: ad_sigma_delta: add SPI offload support

On 6/22/25 10:00 AM, Jonathan Cameron wrote:
> On Fri, 20 Jun 2025 17:20:14 -0500
> David Lechner <dlechner@...libre.com> wrote:
> 
>> Add SPI offload support to the ad_sigma_delta module.
>>

...

>> @@ -670,7 +700,8 @@ static irqreturn_t ad_sd_data_rdy_trig_poll(int irq, void *private)
>>  	if ((!sigma_delta->rdy_gpiod || gpiod_get_value(sigma_delta->rdy_gpiod)) &&
>>  	    ad_sd_disable_irq(sigma_delta)) {
>>  		complete(&sigma_delta->completion);
>> -		iio_trigger_poll(sigma_delta->trig);
>> +		if (sigma_delta->trig)
> 
> Is this defensive or can we actually get here with out a trigger?
> I would have thought in the offload case (so no trigger here) we'd not call this
> function at all.  Mind you, can't we get here with no trigger when doing
> a calibration or simple read normally?  

The difference is that with SPI offload, sigma_delta->trig is NULL
but without SPI offload, it is never NULL. iio_trigger_poll() doesn't
check for NULL and would crash with NULL pointer dereference.

During calibration and single conversion the poll function isn't
attached to the trigger, so I guess that is why it didn't really
hurt to call iio_trigger_poll() in that case.

> 
>> +			iio_trigger_poll(sigma_delta->trig);
>>  
>>  		return IRQ_HANDLED;
>>  	}
> 
>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ