lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Fri, 20 May 2016 22:30:30 -0400 From: Javier Martinez Canillas <javier@....samsung.com> To: Krzysztof Kozlowski <k.kozlowski@...sung.com>, Sylwester Nawrocki <s.nawrocki@...sung.com>, Tomasz Figa <tomasz.figa@...il.com>, Michael Turquette <mturquette@...libre.com>, Stephen Boyd <sboyd@...eaurora.org>, Kukjin Kim <kgene@...nel.org>, linux-samsung-soc@...r.kernel.org, linux-clk@...r.kernel.org, linux-arm-kernel@...ts.infradead.org, linux-kernel@...r.kernel.org Cc: Bartlomiej Zolnierkiewicz <b.zolnierkie@...sung.com>, Marek Szyprowski <m.szyprowski@...sung.com> Subject: Re: [PATCH] clk: samsung: Suppress unbinding to prevent theoretical attacks Hello Krzysztof, On 05/17/2016 03:26 AM, Krzysztof Kozlowski wrote: > Although unbinding a driver requires root privileges but it still might > be used theoretically in certain attacks (by triggering NULL pointer > exception or memory corruption if driver does not provide proper remove > callbacks or core does not handle it). > > Samsung clock drivers are essential for system operation so their > removal is not expected. More over, the Exynos3250 ISP clock driver does > not implement remove() driver callback and it is not buildable as > modules. > > Suppress the unbind interface for Exynos3250 ISP and S3C2410 DCLK clock > drivers. > > Suggested-by: Marek Szyprowski <m.szyprowski@...sung.com> > Cc: Marek Szyprowski <m.szyprowski@...sung.com> > Signed-off-by: Krzysztof Kozlowski <k.kozlowski@...sung.com> > --- Reviewed-by: Javier Martinez Canillas <javier@....samsung.com> Best regards, -- Javier Martinez Canillas Open Source Group Samsung Research America
Powered by blists - more mailing lists