Hello.
While searching for races in the Linux kernel I've come across
"drivers/misc/apds990x.ko" module. Here are questions that I came up
with while analyzing results. Lines are given using the info from Linux
v4.12.
Consider the following case:
Thread 1: Thread 2:
apds990x_suspend
apds990x_resume apds990x_irq
-> apds990x_chip_on if (!pm_runtime_suspended
(chip->client->dev)){
-> apds990x_configure if (status & APDS990X_ST_AINT) {
chip->again_meas = 1 chip->again_meas = chip->again_next
(apds990x.c: line 571) (apds990x.c: line 505)
}
}
First question. Is this race feasible from your point of view?
Second question. The check for the device suspension status
(pm_runtime_suspended()) is present in the interrupt handler, but the
functions pm_runtime_set_suspended / pm_runtime_set_active are not used
in apds990x_suspend / apds990x_resume respectively. Do you know about
any other method being used to make the modification of suspension status?
Thank you for your time.
-- Anton Volkov
Linux Verification Center, ISPRAS
web: http://linuxtesting.org
e-mail: [email protected]
On Thu, Aug 10, 2017 at 05:57:30PM +0300, Anton Volkov wrote:
> Hello.
>
> While searching for races in the Linux kernel I've come across
> "drivers/misc/apds990x.ko" module. Here are questions that I came up with
> while analyzing results. Lines are given using the info from Linux v4.12.
>
> Consider the following case:
>
> Thread 1: Thread 2:
> apds990x_suspend
> apds990x_resume apds990x_irq
> -> apds990x_chip_on if (!pm_runtime_suspended
> (chip->client->dev)){
> -> apds990x_configure if (status & APDS990X_ST_AINT) {
> chip->again_meas = 1 chip->again_meas = chip->again_next
> (apds990x.c: line 571) (apds990x.c: line 505)
> }
> }
>
> First question. Is this race feasible from your point of view?
> Second question. The check for the device suspension status
> (pm_runtime_suspended()) is present in the interrupt handler, but the
> functions pm_runtime_set_suspended / pm_runtime_set_active are not used in
> apds990x_suspend / apds990x_resume respectively. Do you know about any other
> method being used to make the modification of suspension status?
No idea, sorry. Maybe the driver authors know?
greg k-h
The author of this driver as well as bh1770glc.ko is Samu Onkalo. His
e-mail that was found as a contact in the module's source is invalid. I
tried to add him previous time (Question about bh1770glc.ko). The
message was not delivered then.
On 10.08.2017 18:07, Greg KH wrote:
> On Thu, Aug 10, 2017 at 05:57:30PM +0300, Anton Volkov wrote:
>> Hello.
>>
>> While searching for races in the Linux kernel I've come across
>> "drivers/misc/apds990x.ko" module. Here are questions that I came up with
>> while analyzing results. Lines are given using the info from Linux v4.12.
>>
>> Consider the following case:
>>
>> Thread 1: Thread 2:
>> apds990x_suspend
>> apds990x_resume apds990x_irq
>> -> apds990x_chip_on if (!pm_runtime_suspended
>> (chip->client->dev)){
>> -> apds990x_configure if (status & APDS990X_ST_AINT) {
>> chip->again_meas = 1 chip->again_meas = chip->again_next
>> (apds990x.c: line 571) (apds990x.c: line 505)
>> }
>> }
>>
>> First question. Is this race feasible from your point of view?
>> Second question. The check for the device suspension status
>> (pm_runtime_suspended()) is present in the interrupt handler, but the
>> functions pm_runtime_set_suspended / pm_runtime_set_active are not used in
>> apds990x_suspend / apds990x_resume respectively. Do you know about any other
>> method being used to make the modification of suspension status?
>
> No idea, sorry. Maybe the driver authors know?
>
> greg k-h
>
--
-- Anton Volkov
Linux Verification Center, ISPRAS
web: http://linuxtesting.org
e-mail: [email protected]