From: Anirudh Rayabharam <mail@anirudhrb.com>
To: mcgrof@kernel.org, gregkh@linuxfoundation.org, rafael@kernel.org,
skhan@linuxfoundation.org
Cc: Anirudh Rayabharam <mail@anirudhrb.com>,
linux-kernel@vger.kernel.org,
linux-kernel-mentees@lists.linuxfoundation.org
Subject: [PATCH v6 1/2] firmware_loader: use -ETIMEDOUT instead of -EAGAIN in fw_load_sysfs_fallback
Date: Thu, 22 Jul 2021 18:02:28 +0530 [thread overview]
Message-ID: <20210722123229.8731-2-mail@anirudhrb.com> (raw)
In-Reply-To: <20210722123229.8731-1-mail@anirudhrb.com>
The only motivation for using -EAGAIN in commit 0542ad88fbdd81bb
("firmware loader: Fix _request_firmware_load() return val for fw load
abort") was to distinguish the error from -ENOMEM, and so there is no
real reason in keeping it. Keeping -ETIMEDOU is much telling of what the
reason for a failure is, so just use that.
The rest is just trying to document a bit more of the motivations for the
error codes, as otherwise we'd lose this information easily.
Suggested-by: Luis Chamberlain <mcgrof@kernel.org>
Signed-off-by: Anirudh Rayabharam <mail@anirudhrb.com>
---
drivers/base/firmware_loader/fallback.c | 34 +++++++++++++++++--------
1 file changed, 24 insertions(+), 10 deletions(-)
diff --git a/drivers/base/firmware_loader/fallback.c b/drivers/base/firmware_loader/fallback.c
index 91899d185e31..1db94165feaf 100644
--- a/drivers/base/firmware_loader/fallback.c
+++ b/drivers/base/firmware_loader/fallback.c
@@ -70,7 +70,29 @@ static inline bool fw_sysfs_loading(struct fw_priv *fw_priv)
static inline int fw_sysfs_wait_timeout(struct fw_priv *fw_priv, long timeout)
{
- return __fw_state_wait_common(fw_priv, timeout);
+ int ret = __fw_state_wait_common(fw_priv, timeout);
+
+ /*
+ * A signal could be sent to abort a wait. Consider Android's init
+ * gettting a SIGCHLD, which in turn was the same process issuing the
+ * sysfs store call for the fallback. In such cases we want to be able
+ * to tell apart in userspace when a signal caused a failure on the
+ * wait. In such cases we'd get -ERESTARTSYS.
+ *
+ * Likewise though another race can happen and abort the load earlier.
+ *
+ * In either case the situation is interrupted so we just inform
+ * userspace of that and we end things right away.
+ *
+ * When we really time out just tell userspace it should try again,
+ * perhaps later.
+ */
+ if (ret == -ERESTARTSYS || fw_state_is_aborted(fw_priv))
+ ret = -EINTR;
+ else if (fw_priv->is_paged_buf && !fw_priv->data)
+ ret = -ENOMEM;
+
+ return ret;
}
struct fw_sysfs {
@@ -526,20 +548,12 @@ static int fw_load_sysfs_fallback(struct fw_sysfs *fw_sysfs, long timeout)
}
retval = fw_sysfs_wait_timeout(fw_priv, timeout);
- if (retval < 0 && retval != -ENOENT) {
+ if (retval < 0) {
mutex_lock(&fw_lock);
fw_load_abort(fw_sysfs);
mutex_unlock(&fw_lock);
}
- if (fw_state_is_aborted(fw_priv)) {
- if (retval == -ERESTARTSYS)
- retval = -EINTR;
- else
- retval = -EAGAIN;
- } else if (fw_priv->is_paged_buf && !fw_priv->data)
- retval = -ENOMEM;
-
device_del(f_dev);
err_put_dev:
put_device(f_dev);
--
2.26.2
WARNING: multiple messages have this Message-ID (diff)
From: Anirudh Rayabharam <mail@anirudhrb.com>
To: mcgrof@kernel.org, gregkh@linuxfoundation.org, rafael@kernel.org,
skhan@linuxfoundation.org
Cc: linux-kernel-mentees@lists.linuxfoundation.org,
linux-kernel@vger.kernel.org
Subject: [PATCH v6 1/2] firmware_loader: use -ETIMEDOUT instead of -EAGAIN in fw_load_sysfs_fallback
Date: Thu, 22 Jul 2021 18:02:28 +0530 [thread overview]
Message-ID: <20210722123229.8731-2-mail@anirudhrb.com> (raw)
In-Reply-To: <20210722123229.8731-1-mail@anirudhrb.com>
The only motivation for using -EAGAIN in commit 0542ad88fbdd81bb
("firmware loader: Fix _request_firmware_load() return val for fw load
abort") was to distinguish the error from -ENOMEM, and so there is no
real reason in keeping it. Keeping -ETIMEDOU is much telling of what the
reason for a failure is, so just use that.
The rest is just trying to document a bit more of the motivations for the
error codes, as otherwise we'd lose this information easily.
Suggested-by: Luis Chamberlain <mcgrof@kernel.org>
Signed-off-by: Anirudh Rayabharam <mail@anirudhrb.com>
---
drivers/base/firmware_loader/fallback.c | 34 +++++++++++++++++--------
1 file changed, 24 insertions(+), 10 deletions(-)
diff --git a/drivers/base/firmware_loader/fallback.c b/drivers/base/firmware_loader/fallback.c
index 91899d185e31..1db94165feaf 100644
--- a/drivers/base/firmware_loader/fallback.c
+++ b/drivers/base/firmware_loader/fallback.c
@@ -70,7 +70,29 @@ static inline bool fw_sysfs_loading(struct fw_priv *fw_priv)
static inline int fw_sysfs_wait_timeout(struct fw_priv *fw_priv, long timeout)
{
- return __fw_state_wait_common(fw_priv, timeout);
+ int ret = __fw_state_wait_common(fw_priv, timeout);
+
+ /*
+ * A signal could be sent to abort a wait. Consider Android's init
+ * gettting a SIGCHLD, which in turn was the same process issuing the
+ * sysfs store call for the fallback. In such cases we want to be able
+ * to tell apart in userspace when a signal caused a failure on the
+ * wait. In such cases we'd get -ERESTARTSYS.
+ *
+ * Likewise though another race can happen and abort the load earlier.
+ *
+ * In either case the situation is interrupted so we just inform
+ * userspace of that and we end things right away.
+ *
+ * When we really time out just tell userspace it should try again,
+ * perhaps later.
+ */
+ if (ret == -ERESTARTSYS || fw_state_is_aborted(fw_priv))
+ ret = -EINTR;
+ else if (fw_priv->is_paged_buf && !fw_priv->data)
+ ret = -ENOMEM;
+
+ return ret;
}
struct fw_sysfs {
@@ -526,20 +548,12 @@ static int fw_load_sysfs_fallback(struct fw_sysfs *fw_sysfs, long timeout)
}
retval = fw_sysfs_wait_timeout(fw_priv, timeout);
- if (retval < 0 && retval != -ENOENT) {
+ if (retval < 0) {
mutex_lock(&fw_lock);
fw_load_abort(fw_sysfs);
mutex_unlock(&fw_lock);
}
- if (fw_state_is_aborted(fw_priv)) {
- if (retval == -ERESTARTSYS)
- retval = -EINTR;
- else
- retval = -EAGAIN;
- } else if (fw_priv->is_paged_buf && !fw_priv->data)
- retval = -ENOMEM;
-
device_del(f_dev);
err_put_dev:
put_device(f_dev);
--
2.26.2
_______________________________________________
Linux-kernel-mentees mailing list
Linux-kernel-mentees@lists.linuxfoundation.org
https://lists.linuxfoundation.org/mailman/listinfo/linux-kernel-mentees
next prev parent reply other threads:[~2021-07-22 12:33 UTC|newest]
Thread overview: 12+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-07-22 12:32 [PATCH v6 0/2] firmware_loader: fix uaf in firmware_fallback_sysfs Anirudh Rayabharam
2021-07-22 12:32 ` Anirudh Rayabharam
2021-07-22 12:32 ` Anirudh Rayabharam [this message]
2021-07-22 12:32 ` [PATCH v6 1/2] firmware_loader: use -ETIMEDOUT instead of -EAGAIN in fw_load_sysfs_fallback Anirudh Rayabharam
2021-07-22 19:59 ` Luis Chamberlain
2021-07-22 19:59 ` Luis Chamberlain
2021-07-23 13:58 ` Anirudh Rayabharam
2021-07-23 13:58 ` Anirudh Rayabharam
2021-07-23 17:26 ` Luis Chamberlain
2021-07-23 17:26 ` Luis Chamberlain
2021-07-22 12:32 ` [PATCH v6 2/2] firmware_loader: fix use-after-free in firmware_fallback_sysfs Anirudh Rayabharam
2021-07-22 12:32 ` Anirudh Rayabharam
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20210722123229.8731-2-mail@anirudhrb.com \
--to=mail@anirudhrb.com \
--cc=gregkh@linuxfoundation.org \
--cc=linux-kernel-mentees@lists.linuxfoundation.org \
--cc=linux-kernel@vger.kernel.org \
--cc=mcgrof@kernel.org \
--cc=rafael@kernel.org \
--cc=skhan@linuxfoundation.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.