lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Date:   Tue, 28 Jun 2022 10:41:55 +0800
From:   Zhipeng Wang <zhipeng.wang_1@....com>
To:     wsa@...nel.org
Cc:     linux-i2c@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: [PATCH] i2c: core: Disable i2c_generic_scl_recovery callback checks with CFI

CONFIG_CFI_CLANG breaks cross-module function address equality, which
breaks i2c_generic_scl_recovery as it compares a locally taken function
address to a one passed from a different module. Remove these sanity
checks for now.

Trigger I2C recovery through SCL connection LOW.

[    2.452853] Kernel panic - not syncing: CFI failure (target: 0x0)
[    2.476964] Call trace:
[    2.480104] dump_backtrace.cfi_jt+0x0/0x8
[    2.484909] dump_stack_lvl+0x80/0xb8
[    2.489273] panic+0x180/0x444
[    2.489282] find_check_fn+0x0/0x218
[    2.500079] i2c_generic_scl_recovery+0x390/0x400
[    2.509573] i2c_recover_bus+0x3c/0x84
[    2.509582] i2c_imx_xfer_common+0x60/0xd50 [i2c_imx]
[    2.521005] i2c_imx_xfer+0x1ac/0x3ec [i2c_imx]
[    2.531196] __i2c_transfer+0x2b8/0x910
[    2.531208] i2c_transfer+0xd8/0x1cc
[    2.531216] regmap_i2c_write+0x54/0xa4

Signed-off-by: Zhipeng Wang <zhipeng.wang_1@....com>
---
 drivers/i2c/i2c-core-base.c | 9 ++++++---
 1 file changed, 6 insertions(+), 3 deletions(-)

diff --git a/drivers/i2c/i2c-core-base.c b/drivers/i2c/i2c-core-base.c
index d43db2c3876e..87bca6d8514b 100644
--- a/drivers/i2c/i2c-core-base.c
+++ b/drivers/i2c/i2c-core-base.c
@@ -334,7 +334,8 @@ static int i2c_gpio_init_generic_recovery(struct i2c_adapter *adap)
 	 * don't touch the recovery information if the driver is not using
 	 * generic SCL recovery
 	 */
-	if (bri->recover_bus && bri->recover_bus != i2c_generic_scl_recovery)
+	if (bri->recover_bus && bri->recover_bus != i2c_generic_scl_recovery &&
+	    !(IS_ENABLED(CONFIG_CFI_CLANG) && IS_ENABLED(CONFIG_MODULES)))
 		return 0;
 
 	/*
@@ -415,7 +416,8 @@ static int i2c_init_recovery(struct i2c_adapter *adap)
 		goto err;
 	}
 
-	if (bri->scl_gpiod && bri->recover_bus == i2c_generic_scl_recovery) {
+	if (bri->scl_gpiod && (bri->recover_bus == i2c_generic_scl_recovery ||
+	    (IS_ENABLED(CONFIG_CFI_CLANG) && IS_ENABLED(CONFIG_MODULES)))) {
 		bri->get_scl = get_scl_gpio_value;
 		bri->set_scl = set_scl_gpio_value;
 		if (bri->sda_gpiod) {
@@ -424,7 +426,8 @@ static int i2c_init_recovery(struct i2c_adapter *adap)
 			if (gpiod_get_direction(bri->sda_gpiod) == 0)
 				bri->set_sda = set_sda_gpio_value;
 		}
-	} else if (bri->recover_bus == i2c_generic_scl_recovery) {
+	} else if (bri->recover_bus == i2c_generic_scl_recovery ||
+	    (IS_ENABLED(CONFIG_CFI_CLANG) && IS_ENABLED(CONFIG_MODULES))) {
 		/* Generic SCL recovery */
 		if (!bri->set_scl || !bri->get_scl) {
 			err_str = "no {get|set}_scl() found";
-- 
2.25.1

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ