| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 1 Aug 2017 21:22:58 +0900
From: Masami Hiramatsu <mhiramat@...nel.org>
To: Andy Shevchenko <andy.shevchenko@...il.com>
Cc: Linus Walleij <linus.walleij@...aro.org>,
"linux-gpio@...r.kernel.org" <linux-gpio@...r.kernel.org>,
"linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
Masahiro Yamada <yamada.masahiro@...ionext.com>,
Masami Hiramatsu <masami.hiramatsu@...aro.org>,
Jassi Brar <jaswinder.singh@...aro.org>
Subject: Re: [PATCH v2] [BUGFIX] gpio: reject invalid gpio before getting
gpio_desc
On Tue, 1 Aug 2017 14:10:03 +0300
Andy Shevchenko <andy.shevchenko@...il.com> wrote:
> On Mon, Jul 31, 2017 at 4:57 AM, Masami Hiramatsu <mhiramat@...nel.org> wrote:
> > Check user-given gpio number and reject it before
> > calling gpio_to_desc() because gpio_to_desc() is
> > for kernel driver and it expects given gpio number
> > is valid (means 0 to 511).
> > If given number is invalid, gpio_to_desc() calls
> > WARN() and dump registers and stack for debug.
> > This means user can easily kick WARN() just by
> > writing invalid gpio number (e.g. 512) to
> > /sys/class/gpio/export.
> >
>
> Reviewed-by: Andy Shevchenko <andy.shevchenko@...il.com>
>
> (2 bikesheds below)
>
> > Fixes: 0e9a5edf5d01 ("gpio: fix deferred probe detection for legacy API")
> > Signed-off-by: Masami Hiramatsu <mhiramat@...nel.org>
> > ---
> > Changes in v2:
> > - Add gpio_to_valid_desc() according to Andy's comment (Thanks!).
> > - Fix patch description.
> > ---
> > drivers/gpio/gpiolib-sysfs.c | 12 ++++++++++--
> > 1 file changed, 10 insertions(+), 2 deletions(-)
> >
> > diff --git a/drivers/gpio/gpiolib-sysfs.c b/drivers/gpio/gpiolib-sysfs.c
> > index 4b44dd97c07f..819f36258925 100644
> > --- a/drivers/gpio/gpiolib-sysfs.c
> > +++ b/drivers/gpio/gpiolib-sysfs.c
> > @@ -2,6 +2,7 @@
> > #include <linux/mutex.h>
> > #include <linux/device.h>
> > #include <linux/sysfs.h>
> > +#include <linux/gpio.h>
> > #include <linux/gpio/consumer.h>
> > #include <linux/gpio/driver.h>
> > #include <linux/interrupt.h>
> > @@ -432,6 +433,11 @@ static struct attribute *gpiochip_attrs[] = {
> > };
> > ATTRIBUTE_GROUPS(gpiochip);
> >
> > +static struct gpio_desc *gpio_to_valid_desc(int gpio)
> > +{
> > + return gpio_is_valid(gpio) ? gpio_to_desc(gpio) : NULL;
> > +}
> > +
> > /*
> > * /sys/class/gpio/export ... write-only
> > * integer N ... number of GPIO to export (full access)
> > @@ -450,7 +456,8 @@ static ssize_t export_store(struct class *class,
> > if (status < 0)
> > goto done;
> >
> > - desc = gpio_to_desc(gpio);
> > + desc = gpio_to_valid_desc(gpio);
>
> > +
>
> No need, if you wish better to put modified line after comment.
OK, should I update the patch and resend?
Thanks,
>
> > /* reject invalid GPIOs */
> > if (!desc) {
> > pr_warn("%s: invalid GPIO %ld\n", __func__, gpio);
> > @@ -492,7 +499,8 @@ static ssize_t unexport_store(struct class *class,
> > if (status < 0)
> > goto done;
> >
> > - desc = gpio_to_desc(gpio);
> > + desc = gpio_to_valid_desc(gpio);
>
> > +
>
>
> Ditto.
>
> > /* reject bogus commands (gpio_unexport ignores them) */
> > if (!desc) {
> > pr_warn("%s: invalid GPIO %ld\n", __func__, gpio);
> >
>
>
>
> --
> With Best Regards,
> Andy Shevchenko
--
Masami Hiramatsu <mhiramat@...nel.org>
Powered by blists - more mailing lists