Re: [PATCH 4/4] platform/x86: Add Intel Software Defined Silicon driver

linux-pci.vger.kernel.org archive mirror
 help / color / mirror / Atom feed

From: "David E. Box" <david.e.box@linux.intel.com>
To: Greg KH <gregkh@linuxfoundation.org>
Cc: lee.jones@linaro.org, hdegoede@redhat.com, bhelgaas@google.com,
	andriy.shevchenko@linux.intel.com, srinivas.pandruvada@intel.com,
	mgross@linux.intel.com, linux-kernel@vger.kernel.org,
	platform-driver-x86@vger.kernel.org, linux-pci@vger.kernel.org
Subject: Re: [PATCH 4/4] platform/x86: Add Intel Software Defined Silicon driver
Date: Sun, 21 Nov 2021 09:18:25 -0800	[thread overview]
Message-ID: <4d8ba355de09a4a806b6075305ca8d7156dc70ef.camel@linux.intel.com> (raw)
In-Reply-To: <YZo8HUxx8LNgOMeK@kroah.com>

Hi Greg,

On Sun, 2021-11-21 at 13:31 +0100, Greg KH wrote:
> On Sat, Nov 20, 2021 at 03:17:05PM -0800, David E. Box wrote:
> > +static ssize_t registers_read(struct file *filp, struct kobject *kobj,
> > +			      struct bin_attribute *attr, char *buf, loff_t off,
> > +			      size_t count)
> > +{
> > +	struct device *dev = kobj_to_dev(kobj);
> > +	struct sdsi_priv *priv = dev_get_drvdata(dev);
> > +	void __iomem *addr = priv->regs_addr;
> > +
> > +	memcpy_fromio(buf, addr + off, count);
> 
> Oh nice, this will be fun if I provide "interesting" values for off to
> the function right?
> 
> Remember:
> 	All input is evil.

I was relying on sysfs_kf_bin_read() which checks off (pos) before calling us.

        if (size) {
                if (pos >= size)
                        return 0;
                if (pos + count > size)
                        count = size - pos;
        }

> 
> > +
> > +	return count;
> > +}
> > +static BIN_ATTR(registers, 0400, registers_read, NULL, SDSI_SIZE_REGS);
> > +
> > +static struct bin_attribute *sdsi_bin_attrs[] = {
> > +	&bin_attr_registers,
> > +	&bin_attr_state_certificate,
> > +	&bin_attr_provision_akc,
> > +	&bin_attr_provision_cap,
> > +	NULL
> > +};
> > +
> > +static ssize_t guid_show(struct device *dev, struct device_attribute *attr,
> > char *buf)
> > +{
> > +	struct sdsi_priv *priv = dev_get_drvdata(dev);
> > +
> > +	return sprintf(buf, "0x%x\n", priv->guid);
> 
> sysfs_emit() please.
> 
> These sysfs attributes are crazy.  Who has audited them to be correct
> and work properly? It feels like there are just buffer overflows
> waiting to be exploited in them due to the reading/writing of raw memory
> buffers all over the place.

Agree with the concern. I can submit the tests that were used. Is selftests the
best place?

> 
> Where is the userspace tool that uses these files?

The tool will be published in the same github repo as the spec once the driver
is ready.

Thanks.

David

> 
> thanks,
> 
> greg k-h

next prev parent reply	other threads:[~2021-11-21 17:18 UTC|newest]

Thread overview: 16+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2021-11-20 23:17 [PATCH 0/4] Auxiliary bus driver support for Intel PCIe VSEC/DVSEC David E. Box
2021-11-20 23:17 ` [PATCH 1/4] PCI: Add #defines for accessing PCIe DVSEC fields David E. Box
2021-11-21 12:24   ` Greg KH
2021-11-21 15:48     ` David E. Box
2021-11-22 18:28     ` Bjorn Helgaas
2021-11-20 23:17 ` [PATCH 2/4] driver core: auxiliary bus: Add driver data helpers David E. Box
2021-11-20 23:17 ` [PATCH 3/4] platform/x86/intel: Move intel_pmt from MFD to Auxiliary Bus David E. Box
2021-11-22 18:43   ` Bjorn Helgaas
2021-11-22 23:09     ` David E. Box
2021-11-20 23:17 ` [PATCH 4/4] platform/x86: Add Intel Software Defined Silicon driver David E. Box
2021-11-21 12:31   ` Greg KH
2021-11-21 17:18     ` David E. Box [this message]
2021-11-22  6:21       ` Greg KH
2021-11-22 14:51         ` David E. Box
2021-11-22 18:44   ` Bjorn Helgaas
2021-11-22 23:20     ` David E. Box

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=4d8ba355de09a4a806b6075305ca8d7156dc70ef.camel@linux.intel.com \
    --to=david.e.box@linux.intel.com \
    --cc=andriy.shevchenko@linux.intel.com \
    --cc=bhelgaas@google.com \
    --cc=gregkh@linuxfoundation.org \
    --cc=hdegoede@redhat.com \
    --cc=lee.jones@linaro.org \
    --cc=linux-kernel@vger.kernel.org \
    --cc=linux-pci@vger.kernel.org \
    --cc=mgross@linux.intel.com \
    --cc=platform-driver-x86@vger.kernel.org \
    --cc=srinivas.pandruvada@intel.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).