linux-arm-kernel.lists.infradead.org archive mirror
 help / color / mirror / Atom feed
From: Matti Vaittinen <mazziesaccount@gmail.com>
To: Andy Shevchenko <andriy.shevchenko@linux.intel.com>
Cc: "Alexandre Belloni" <alexandre.belloni@bootlin.com>,
	linux-iio@vger.kernel.org,
	"Gwendal Grignou" <gwendal@chromium.org>,
	linux-kernel@vger.kernel.org,
	"Paul Cercueil" <paul@crapouillou.net>,
	"Miquel Raynal" <miquel.raynal@bootlin.com>,
	"Guenter Roeck" <groeck@chromium.org>,
	chrome-platform@lists.linux.dev,
	"Lars-Peter Clausen" <lars@metafoo.de>,
	"Miaoqian Lin" <linmq006@gmail.com>,
	"Uwe Kleine-König" <u.kleine-koenig@pengutronix.de>,
	"Alexandru Ardelean" <alexandru.ardelean@analog.com>,
	"Mihail Chindris" <mihail.chindris@analog.com>,
	"Michael Hennerich" <Michael.Hennerich@analog.com>,
	"Cosmin Tanislav" <cosmin.tanislav@analog.com>,
	"Nathan Chancellor" <nathan@kernel.org>,
	"Benson Leung" <bleung@chromium.org>,
	linux-arm-kernel@lists.infradead.org,
	"Matti Vaittinen" <matti.vaittinen@fi.rohmeurope.com>,
	"Eugen Hristev" <eugen.hristev@microchip.com>,
	"Claudiu Beznea" <claudiu.beznea@microchip.com>,
	"Jonathan Cameron" <jic23@kernel.org>
Subject: Re: [RFT PATCH v3 10/10] iio: Don't silently expect attribute types
Date: Mon, 3 Oct 2022 12:02:56 +0300	[thread overview]
Message-ID: <7ae09809-4f3c-9872-5a87-0a05e73d39b4@gmail.com> (raw)
In-Reply-To: <b36ee317-abfe-9f55-70b5-bbf3138f50c0@gmail.com>

On 10/3/22 11:58, Matti Vaittinen wrote:
> Hi Andy,
> 
> Thanks for taking the time to review :) Much appreciated.
> 
> On 10/3/22 11:43, Andy Shevchenko wrote:
>> On Mon, Oct 03, 2022 at 11:13:53AM +0300, Matti Vaittinen wrote:
>>> The iio_triggered_buffer_setup_ext() and the
>>> devm_iio_kfifo_buffer_setup_ext() were changed by
>>> commit 15097c7a1adc ("iio: buffer: wrap all buffer attributes into 
>>> iio_dev_attr")
>>> to silently expect that all attributes given in buffer_attrs array are
>>> device-attributes. This expectation was not forced by the API - and some
>>> drivers did register attributes created by IIO_CONST_ATTR().
>>>
>>> When using IIO_CONST_ATTRs the added attribute "wrapping" does not copy
>>> the pointer to stored string constant and when the sysfs file is read 
>>> the
>>> kernel will access to invalid location.
>>>
>>> Change the function signatures to expect an array of iio_dev_attrs to
>>> avoid similar errors in the future.
>>
>> ...
>> 
>>> +            attr[ARRAY_SIZE(iio_buffer_attrs) + i] =
>>> +                (struct attribute *)&id_attr->dev_attr.attr;
>>
>> ...and explicit casting here. Isn't attr is already of a struct 
>> attribute?
> 
> I am glad you asked :)
> This is one of the "things" I was not really happy about. Here we hide 
> the fact that our array is full of pointers to _const_ data. If we don't 
> cast the compiler points this out. Old code did the same thing but it 
> did this by just doing a memcpy for the pointers - which I personally 
> consider even worse as it gets really easy to miss this. The cast at 
> least hints there is something slightly "fishy" going on.
> 
> My "gut feeling" about the correct fix is we should check if some 
> attributes in the array (stored to the struct here) actually need to be 
> modified later (which I doubt). If I was keen on betting I'd bet we 
> could switch the struct definition to also contain pointers to const 
> attributes. I am afraid this would mean quite a few more changes to the 
> function signatures (changing struct attribute * to const struct 
> attribute *) here and there - and possibly also require some changes to 
> drivers. Thus I didn't even look at that option in the scope of this 
> fix. It should probably be a separate refactoring series. But yes - this 
> cast should catch attention as it did.
> 

Actually, now that you pointed it out - do you think this would warrant 
a FIXME comment?

> Yours,
>      -- Matti Vaittinen
> 

-- 
Matti Vaittinen
Linux kernel developer at ROHM Semiconductors
Oulu Finland

~~ When things go utterly wrong vim users can always type :help! ~~


_______________________________________________
linux-arm-kernel mailing list
linux-arm-kernel@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/linux-arm-kernel

  reply	other threads:[~2022-10-03  9:04 UTC|newest]

Thread overview: 17+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2022-10-03  8:09 [PATCH v3 00/10] iio: Fix unsafe buffer attributes Matti Vaittinen
2022-10-03  8:11 ` [PATCH v3 04/10] iio: at91-sama5d2_adc: " Matti Vaittinen
2022-10-06  8:34   ` Claudiu.Beznea
2022-10-16 11:14     ` Jonathan Cameron
2022-10-03  8:13 ` [PATCH v3 09/10] iio: at91-sama5d2_adc: Use IIO_STATIC_CONST_DEVICE_ATTR() Matti Vaittinen
2022-10-06  8:35   ` Claudiu.Beznea
2022-10-03  8:13 ` [RFT PATCH v3 10/10] iio: Don't silently expect attribute types Matti Vaittinen
2022-10-03  8:43   ` Andy Shevchenko
2022-10-03  8:58     ` Matti Vaittinen
2022-10-03  9:02       ` Matti Vaittinen [this message]
2022-10-03  9:39         ` Andy Shevchenko
2022-10-03  9:42       ` Andy Shevchenko
2022-10-06  8:35   ` Claudiu.Beznea
2022-10-06 12:53     ` Matti Vaittinen
2022-10-09 17:38       ` Jonathan Cameron
2022-10-10  9:36         ` Matti Vaittinen
2022-11-05 14:45           ` Jonathan Cameron

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=7ae09809-4f3c-9872-5a87-0a05e73d39b4@gmail.com \
    --to=mazziesaccount@gmail.com \
    --cc=Michael.Hennerich@analog.com \
    --cc=alexandre.belloni@bootlin.com \
    --cc=alexandru.ardelean@analog.com \
    --cc=andriy.shevchenko@linux.intel.com \
    --cc=bleung@chromium.org \
    --cc=chrome-platform@lists.linux.dev \
    --cc=claudiu.beznea@microchip.com \
    --cc=cosmin.tanislav@analog.com \
    --cc=eugen.hristev@microchip.com \
    --cc=groeck@chromium.org \
    --cc=gwendal@chromium.org \
    --cc=jic23@kernel.org \
    --cc=lars@metafoo.de \
    --cc=linmq006@gmail.com \
    --cc=linux-arm-kernel@lists.infradead.org \
    --cc=linux-iio@vger.kernel.org \
    --cc=linux-kernel@vger.kernel.org \
    --cc=matti.vaittinen@fi.rohmeurope.com \
    --cc=mihail.chindris@analog.com \
    --cc=miquel.raynal@bootlin.com \
    --cc=nathan@kernel.org \
    --cc=paul@crapouillou.net \
    --cc=u.kleine-koenig@pengutronix.de \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).