Re: [PATCH]: serial oops fixes among others

From: Theodore Ts'o (tytso@mit.edu)
Date: Wed Jul 26 2000 - 00:16:45 EST


   Date: Sun, 23 Jul 2000 02:59:31 -0500
   From: Mike Perry <mikepery@fscked.org>

   1. You could generate an oops by passing an alphabetic irq to
   setserial (this is technically a bug in setserial too, it just uses
   sscanf with no error checking). When given an alphabetic string for a
   %d, sscanf gives you some crazy negative number, which the serial
   driver just went and used to index into IRQ_ports. BOOM! Oops while
   in process setserial.

Yes, we should be checking to make sure the IRQ is non-negative.

   2. You could set the IRQ to anything if you had CAP_SYS_ADMIN. Of course,
   request_irq failed, but I was noticing system hangs in some cases
   (like trying to change the IRQ to something sane) when the serial
   driver thought the IRQ was something taken by another device. I
   changed the behavior to return the appropriate error code instead.

NO, this is incorrect. It's supposed to set the TTY_IO_ERROR flag and
return if you opened the port as root. Otherwise, you won't be able to
use setserial (which uses an ioctl, and therefore requires an open file
descriptor) to change the IRQ to be something sane.

   3. auto_irq wasn't being listened to when called from setserial. I changed
   this, but it seems that detect_uart_irq still doesn't work, at least on my
   system. I'm suspecting it might be my hardware, because I compared this
   routine with a DOS one I found, and they seemed equivalent (but then again,
   what the hell do I know about DOS? ;).

This is also an incorrect fix. Auto_IRQ is a flag which causes the
automatic IRQ configuration to happen when you explicit request an
autoconfiguration using the "setserial autoconfig" command. It is
documented as such in the setserial man page.

Automatic IRQ detection is *very* dicey. It seems to work for some
motherboards and some serial ports, but not all. I got tired of lots
people complaining that it didn't work, and sometimes producing the
wrong result, which is why it's disabled by default. Basically, lots of
PC hardware is crap....

   4. detect_uart_irq returns zero on failure, but this is checked
   nowhere, as a result, if you did manage to autoconfigure and call
   this function, if it failed, your serial IRQ was set to the timer!

Yes, changing it to retain the old IRQ is probably a good idea.

                                                        - Ted

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/



This archive was generated by hypermail 2b29 : Mon Jul 31 2000 - 21:00:21 EST