| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 1 Aug 2017 10:09:09 +0200
From: Linus Walleij <linus.walleij@...aro.org>
To: Masami Hiramatsu <mhiramat@...nel.org>
Cc: "linux-gpio@...r.kernel.org" <linux-gpio@...r.kernel.org>,
"linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
Andy Shevchenko <andy.shevchenko@...il.com>,
Masahiro Yamada <yamada.masahiro@...ionext.com>,
Masami Hiramatsu <masami.hiramatsu@...aro.org>,
Jassi Brar <jaswinder.singh@...aro.org>
Subject: Re: [PATCH v2] [BUGFIX] gpio: reject invalid gpio before getting gpio_desc
On Mon, Jul 31, 2017 at 3:57 AM, Masami Hiramatsu <mhiramat@...nel.org> wrote:
> Check user-given gpio number and reject it before
> calling gpio_to_desc() because gpio_to_desc() is
> for kernel driver and it expects given gpio number
> is valid (means 0 to 511).
> If given number is invalid, gpio_to_desc() calls
> WARN() and dump registers and stack for debug.
> This means user can easily kick WARN() just by
> writing invalid gpio number (e.g. 512) to
> /sys/class/gpio/export.
>
> Fixes: 0e9a5edf5d01 ("gpio: fix deferred probe detection for legacy API")
> Signed-off-by: Masami Hiramatsu <mhiramat@...nel.org>
> ---
> Changes in v2:
> - Add gpio_to_valid_desc() according to Andy's comment (Thanks!).
> - Fix patch description.
I hate the old sysfs ABI sigh. Thanks for fixing it anyways!
Should this be tagged for stable?
Waiting for Andy's review before applying.
Yours,
Linus Walleij
Powered by blists - more mailing lists