lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Fri, 24 Apr 2015 08:56:34 -0700
From:	Florian Fainelli <f.fainelli@...il.com>
To:	David Miller <davem@...emloft.net>,
	vivien.didelot@...oirfairelinux.com
CC:	netdev@...r.kernel.org, linux-kernel@...r.kernel.org,
	kernel@...oirfairelinux.com
Subject: Re: [PATCH] net: mdio-gpio: support access that may sleep

On 24/04/15 08:04, David Miller wrote:
> From: Vivien Didelot <vivien.didelot@...oirfairelinux.com>
> Date: Wed, 22 Apr 2015 13:06:54 -0400
> 
>> Some systems using mdio-gpio may use gpio on message based busses, which
>> require sleeping (e.g. gpio from an I2C I/O expander).
>>
>> Since this driver does not use IRQ handler, it is safe to use the
>> _cansleep suffixed gpio accessors.
>>
>> Signed-off-by: Vivien Didelot <vivien.didelot@...oirfairelinux.com>
> 
> Since this is down underneath the layer of an MII bus, you cannot
> universally say that these routines are always called in a sleepable
> context.
> 
> The PHY layer, and the driver itself above that, might call these
> routines from timers, interruptes etc.

The PHY library calls these routines from its state machine workqueue
for that reason, or from process context (when invoked via ethtool
ioctl). The only special case is phy_mac_interrupt() which is callable
from interrupt context, but schedules the state machine workqueue anyway
to circumvent the "in-interrupt" context.

If we were not doing that, there would be a number of things broken, for
instance the per-MDIO bus mutex would not protect us from anything.

> 
> In fact, since the whole point of this driver is to provide a specific
> implementation for programming registers over an MII bus, it's quite
> rediculuous to say that just because interrupts are not used in this
> implementation it means that sleeping is always valid.
> 
> You have to look at all of the (real and potential) users, all the way
> up into the specific ethernet drivers.

It seems to me like this patch in itself is ok, but if there are
particular drivers you believe are at risk, then yes, we definitively
need to audit those.
-- 
Florian
--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ