lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Sat, 18 Jun 2016 23:37:31 +0900 From: Tomasz Figa <tomasz.figa@...il.com> To: Krzysztof Kozlowski <k.kozlowski@...sung.com> Cc: Sylwester Nawrocki <s.nawrocki@...sung.com>, Michael Turquette <mturquette@...libre.com>, Stephen Boyd <sboyd@...eaurora.org>, Kukjin Kim <kgene@...nel.org>, "linux-samsung-soc@...r.kernel.org" <linux-samsung-soc@...r.kernel.org>, linux-clk@...r.kernel.org, linux-arm-kernel <linux-arm-kernel@...ts.infradead.org>, linux-kernel <linux-kernel@...r.kernel.org>, Bartlomiej Zolnierkiewicz <b.zolnierkie@...sung.com>, Marek Szyprowski <m.szyprowski@...sung.com> Subject: Re: [PATCH] clk: samsung: Suppress unbinding to prevent theoretical attacks Hi, 2016-05-17 16:26 GMT+09:00 Krzysztof Kozlowski <k.kozlowski@...sung.com>: > Although unbinding a driver requires root privileges but it still might > be used theoretically in certain attacks (by triggering NULL pointer > exception or memory corruption if driver does not provide proper remove > callbacks or core does not handle it). > > Samsung clock drivers are essential for system operation so their > removal is not expected. More over, the Exynos3250 ISP clock driver does > not implement remove() driver callback and it is not buildable as > modules. > > Suppress the unbind interface for Exynos3250 ISP and S3C2410 DCLK clock > drivers. > > Suggested-by: Marek Szyprowski <m.szyprowski@...sung.com> > Cc: Marek Szyprowski <m.szyprowski@...sung.com> > Signed-off-by: Krzysztof Kozlowski <k.kozlowski@...sung.com> > --- > drivers/clk/samsung/clk-exynos3250.c | 1 + > drivers/clk/samsung/clk-s3c2410-dclk.c | 5 +++-- > 2 files changed, 4 insertions(+), 2 deletions(-) Makes sense. (By the way, I wonder if we ever see a solution for the unbind problem with .remove implemented and some resources that can't be released at the time .unbind is attempted...) Acked-by: Tomasz Figa <tomasz.figa@...il.com> Best regards, Tomasz
Powered by blists - more mailing lists