Open Source and information security mailing list archives
Date:	Thu, 16 Oct 2008 18:45:03 +0400
From:	Anton Vorontsov <avorontsov@...mvista.com>
To:	David Brownell <dbrownell@...rs.sourceforge.net>
Cc:	Andrew Morton <akpm@...ux-foundation.org>,
	linux-kernel@...r.kernel.org
Subject: [PATCH] gpiolib: fix oops on reading sysfs exported GPIOs

We can get the following oops when a GPIO controller doesn't provide
.direction_input and .get callbacks:

root@b1:~# cat /sys/class/gpio/gpio255/value
Unable to handle kernel paging request for instruction fetch
Faulting instruction address: 0x00000000
Oops: Kernel access of bad area, sig: 11 [#1]
[...]
NIP [00000000] 0x0
LR [c0182fb0] gpio_get_value_cansleep+0x40/0x50
Call Trace:
[c7b79e80] [c0183f28] gpio_value_show+0x5c/0x94
[c7b79ea0] [c01a584c] dev_attr_show+0x30/0x7c
[c7b79eb0] [c00d6b48] fill_read_buffer+0x68/0xe0
[c7b79ed0] [c00d6c54] sysfs_read_file+0x94/0xbc
[c7b79ef0] [c008f24c] vfs_read+0xb4/0x16c
[c7b79f10] [c008f580] sys_read+0x4c/0x90
[c7b79f40] [c0013a14] ret_from_syscall+0x0/0x38

GPIO users should always issue the gpio_direction_input() call and
check its return value prior to trying gpio_get_value().

For sysfs users there are a few ways to solve the problem:

1. Call gpio_direction_input() in the gpio_value_show(). This isn't
   good because some GPIO controllers provide capability to read-back
   output pins. Using the FLAG_IS_OUT isn't good for the same reason.

2. Call gpio_direction_input() at the export time, if succeeded, set
   FLAG_CAN_INPUT. Then check that flag in the gpio_value_show().
   Viable.

3. Just check for .get != NULL in the gpio_value_show(). Most
   straightforward. This is implemented in the patch.

Signed-off-by: Anton Vorontsov <avorontsov@...mvista.com>
---
 drivers/gpio/gpiolib.c |    2 ++
 1 files changed, 2 insertions(+), 0 deletions(-)

diff --git a/drivers/gpio/gpiolib.c b/drivers/gpio/gpiolib.c
index 8d29405..4e4a498 100644
--- a/drivers/gpio/gpiolib.c
+++ b/drivers/gpio/gpiolib.c
@@ -236,6 +236,8 @@ static ssize_t gpio_value_show(struct device *dev,
 
 	if (!test_bit(FLAG_EXPORT, &desc->flags))
 		status = -EIO;
+	else if (!desc->chip->get)
+		status = -EINVAL;
 	else
 		status = sprintf(buf, "%d\n", gpio_get_value_cansleep(gpio));
 
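Review bot: The new `else if (!desc->chip->get)` branch guards only the sysfs read path in gpio_value_show(), while the trace in the commit message shows the NULL call being made from inside gpio_get_value_cansleep(), so any other caller of that helper on a chip without .get still jumps to address 0. Consider putting the NULL check in gpio_get_value_cansleep() itself, or refusing at registration or export time a chip that cannot be read, so the callback is validated once rather than per caller. A short comment on the branch saying that .get is optional for output-only controllers would also help, and the returned -EINVAL is worth a second look, since the read request from user space is well formed and the limitation is in the controller.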
-- 
1.5.6.3