Re: [PATCHv7 6/7] eeprom: 93xx46: extend driver to plug into the NVMEM framework

All of lore.kernel.org
 help / color / mirror / Atom feed

From: Vladimir Zapolskiy <vz@mleia.com>
To: Andrew Lunn <andrew@lunn.ch>
Cc: GregKH <greg@kroah.com>,
	srinivas.kandagatla@linaro.org, maxime.ripard@free-electrons.com,
	wsa@the-dreams.de, broonie@kernel.org,
	linux-kernel@vger.kernel.org, pantelis.antoniou@konsulko.com,
	bgolaszewski@baylibre.com
Subject: Re: [PATCHv7 6/7] eeprom: 93xx46: extend driver to plug into the NVMEM framework
Date: Thu, 3 Mar 2016 01:18:14 +0200	[thread overview]
Message-ID: <56D774B6.6070108@mleia.com> (raw)
In-Reply-To: <20160302222639.GC15541@lunn.ch>

On 03.03.2016 00:26, Andrew Lunn wrote:
>>>  static ssize_t
>>> -eeprom_93xx46_bin_read(struct file *filp, struct kobject *kobj,
>>> -		       struct bin_attribute *bin_attr,
>>> -		       char *buf, loff_t off, size_t count)
>>> +eeprom_93xx46_read(struct eeprom_93xx46_dev *edev, char *buf,
>>> +		   unsigned off, size_t count)
>>>  {
>>> -	struct eeprom_93xx46_dev *edev;
>>> -	struct device *dev;
>>>  	ssize_t ret = 0;
>>>  
>>> -	dev = kobj_to_dev(kobj);
>>> -	edev = dev_get_drvdata(dev);
>>> +	if (unlikely(off >= edev->size))
>>> +		return 0;
>>> +	if ((off + count) > edev->size)
>>> +		count = edev->size - off;
>>> +	if (unlikely(!count))
>>> +		return count;
>>>  
>>
>> I'm scratching my head, do you want to kind of revert
>> the change https://lkml.org/lkml/2015/7/26/89 ? Why?
> 
> Hi Vladimir
> 
> I had not noticed you had removed this.
>  
>> If you know regmap_config.max_register, then all necessary
>> boundary checks can be done inside NVMEM core.
> 
> You don't have to use NVMEM, you could use the regmap directly. 

No problem, regmap API from drivers/base/regmap/regmap.c contains
all necessary boundary checks as far as I understand.

> It is a public API. Also, during implementation, i did manage to get out of
> bounds read passed into the drivers and they caused a crash. That
> might of been AT24, i don't remember, but verifying is better than
> possible crashing.
> 

IMHO to avoid boilerplate code and/or missed/redundant checks it
might be better to handle this particular kind of problem only
in one common place, for example sysfs binary attribute files do
not need this anymore, probably I should scrutinize the situation
with this transition to NVMEM as well.

If you remember a reproduction scenario for that crash, please let
me know.

At least this changeset must be applied I guess, am I right?
In other words is the code without this changeset safe in connection
to boundary checks, and this is a new discovered issue?

--
With best wishes,
Vladimir

next prev parent reply	other threads:[~2016-03-02 23:18 UTC|newest]

Thread overview: 19+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2016-02-26 19:59 [PATCHv7 0/7] Convert exiting EEPROM drivers to NVMEM Andrew Lunn
2016-02-26 19:59 ` [PATCHv7 1/7] nvmem: Add flag to export NVMEM to root only Andrew Lunn
2016-02-26 19:59 ` [PATCHv7 2/7] nvmem: Add backwards compatibility support for older EEPROM drivers Andrew Lunn
2016-02-26 19:59 ` [PATCHv7 3/7] eeprom: at24: extend driver to plug into the NVMEM framework Andrew Lunn
2016-03-02 21:46   ` Vladimir Zapolskiy
2016-03-02 21:48     ` Andrew Lunn
2016-03-02 23:03       ` Vladimir Zapolskiy
2016-02-26 19:59 ` [PATCHv7 4/7] eeprom: at25: Remove in kernel API for accessing the EEPROM Andrew Lunn
2016-02-28 21:02   ` Wolfram Sang
2016-02-26 19:59 ` [PATCHv7 5/7] eeprom: at25: extend driver to plug into the NVMEM framework Andrew Lunn
2016-03-02 21:56   ` Vladimir Zapolskiy
2016-02-26 19:59 ` [PATCHv7 6/7] eeprom: 93xx46: " Andrew Lunn
2016-03-02 22:08   ` Vladimir Zapolskiy
2016-03-02 22:26     ` Andrew Lunn
2016-03-02 23:18       ` Vladimir Zapolskiy [this message]
2016-02-26 19:59 ` [PATCHv7 7/7] misc: at24: replace memory_accessor with nvmem_device_read Andrew Lunn
2016-02-28 21:01   ` Wolfram Sang
2016-03-02  0:56 ` [PATCHv7 0/7] Convert exiting EEPROM drivers to NVMEM Greg KH
2016-03-06 12:06   ` Wolfram Sang

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=56D774B6.6070108@mleia.com \
    --to=vz@mleia.com \
    --cc=andrew@lunn.ch \
    --cc=bgolaszewski@baylibre.com \
    --cc=broonie@kernel.org \
    --cc=greg@kroah.com \
    --cc=linux-kernel@vger.kernel.org \
    --cc=maxime.ripard@free-electrons.com \
    --cc=pantelis.antoniou@konsulko.com \
    --cc=srinivas.kandagatla@linaro.org \
    --cc=wsa@the-dreams.de \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.