From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
To: Zheyu Ma <zheyuma97@gmail.com>
Cc: Jiri Slaby <jirislaby@kernel.org>,
Andy Shevchenko <andy.shevchenko@gmail.com>,
"open list:SERIAL DRIVERS" <linux-serial@vger.kernel.org>,
Linux Kernel Mailing List <linux-kernel@vger.kernel.org>
Subject: Re: [PATCH v4] tty: serial: jsm: allocate queue buffer at probe time
Date: Fri, 9 Jul 2021 16:20:29 +0200 [thread overview]
Message-ID: <YOhbLaeGKGJEFEOe@kroah.com> (raw)
In-Reply-To: <CAMhUBjmGD+KH_faMJyZGBpufxPVWw7uz4tUgFtrenx-HovjxZg@mail.gmail.com>
On Fri, Jul 09, 2021 at 10:00:32PM +0800, Zheyu Ma wrote:
> On Thu, Jul 8, 2021 at 3:13 AM Jiri Slaby <jirislaby@kernel.org> wrote:
> >
> > On 07. 07. 21, 14:52, Andy Shevchenko wrote:
> > > On Wed, Jul 7, 2021 at 10:50 AM Jiri Slaby <jirislaby@kernel.org> wrote:
> > >> On 05. 07. 21, 14:53, Zheyu Ma wrote:
> > >
> > >> So how it comes an interrupt came before
> > >> neo_param() in jsm_tty_open was called?
> > >
> > > If IRQ is shared we have a special debug feature to test shared IRQs
> > > on freeing IRQ stage (*).
> > > But it doesn't matter, the IRQ handler must survive at any stage after
> > > the action has been listed.
> >
> > Yes, but IRQ_NONE is returned from the ISR in that case.
> >
> > The issue the patch is fixing is for a "malicious" device and I am not
> > sure we want to fix this -- if I can put in a malicious device, I can
> > use hammer to kill the box too…
>
> Well, this threat assumption is indeed strong, but this attack may be
> real. For example, some programmable USB devices (such as FaceDancer)
> may exploit vulnerabilities in the USB device driver to attack. Of
> course, there has not been such an attack in the real world for PCI
> devices. Or, some devices with DMA functions may also send malicious
> data and some previous kernel commits have also fixed such bugs.
>
> Anyway, thanks for your patient comments.
Right now, yes, we treat USB devices as "possibly malicious". We do not
do so for PCI devices yet. If we want to do that, then we need to do a
lot of work, not just "this one call in this one driver" type of thing
as there are much bigger issues involved here.
If you wish to take on this work, as you feel PCI devices should be
treated this way, please do so! But start in the PCI core at the very
least, before worrying about the thousands of individual drivers.
good luck!
greg k-h
next prev parent reply other threads:[~2021-07-09 14:20 UTC|newest]
Thread overview: 9+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-07-05 12:53 [PATCH v4] tty: serial: jsm: allocate queue buffer at probe time Zheyu Ma
2021-07-07 7:49 ` Jiri Slaby
2021-07-07 12:28 ` Zheyu Ma
2021-07-07 12:52 ` Andy Shevchenko
2021-07-07 19:13 ` Jiri Slaby
2021-07-09 14:00 ` Zheyu Ma
2021-07-09 14:20 ` Greg Kroah-Hartman [this message]
2021-07-09 14:55 ` Zheyu Ma
[not found] ` <CAHp75Vdne2fVAdmMYPn71T8LnSNMxVhBVK8dbmMASTSTUnOjBA@mail.gmail.com>
2021-07-07 10:37 ` Zheyu Ma
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=YOhbLaeGKGJEFEOe@kroah.com \
--to=gregkh@linuxfoundation.org \
--cc=andy.shevchenko@gmail.com \
--cc=jirislaby@kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-serial@vger.kernel.org \
--cc=zheyuma97@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).