lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <3ebe3c45-e951-678b-ea55-89c5bf62e8bc@gmail.com>
Date:   Sun, 2 Oct 2022 17:25:48 +0300
From:   Matti Vaittinen <mazziesaccount@...il.com>
To:     Jonathan Cameron <jic23@...nel.org>
Cc:     Matti Vaittinen <matti.vaittinen@...rohmeurope.com>,
        Cosmin Tanislav <cosmin.tanislav@...log.com>,
        Lars-Peter Clausen <lars@...afoo.de>,
        Michael Hennerich <Michael.Hennerich@...log.com>,
        Eugen Hristev <eugen.hristev@...rochip.com>,
        Nicolas Ferre <nicolas.ferre@...rochip.com>,
        Alexandre Belloni <alexandre.belloni@...tlin.com>,
        Claudiu Beznea <claudiu.beznea@...rochip.com>,
        Benson Leung <bleung@...omium.org>,
        Guenter Roeck <groeck@...omium.org>,
        Alexandru Ardelean <alexandru.ardelean@...log.com>,
        Srinivas Pandruvada <srinivas.pandruvada@...ux.intel.com>,
        Uwe Kleine-König <u.kleine-koenig@...gutronix.de>,
        Nathan Chancellor <nathan@...nel.org>,
        Miquel Raynal <miquel.raynal@...tlin.com>,
        Miaoqian Lin <linmq006@...il.com>,
        Paul Cercueil <paul@...pouillou.net>,
        Mihail Chindris <mihail.chindris@...log.com>,
        Gwendal Grignou <gwendal@...omium.org>,
        Douglas Anderson <dianders@...omium.org>,
        linux-iio@...r.kernel.org, linux-kernel@...r.kernel.org,
        linux-arm-kernel@...ts.infradead.org,
        chrome-platform@...ts.linux.dev
Subject: Re: [RFT PATCH v2 2/2] iio: Fix unsafe buffer attributes

On 10/2/22 16:57, Jonathan Cameron wrote:
> On Sat, 1 Oct 2022 10:44:23 +0300
> Matti Vaittinen <mazziesaccount@...il.com> wrote:
> 
>> The iio_triggered_buffer_setup_ext() was changed by
>> commit 15097c7a1adc ("iio: buffer: wrap all buffer attributes into iio_dev_attr")
>> to silently expect that all attributes given in buffer_attrs array are
>> device-attributes. This expectation was not forced by the API - and some
>> drivers did register attributes created by IIO_CONST_ATTR().
>>
>> The added attribute "wrapping" does not copy the pointer to stored
>> string constant and when the sysfs file is read the kernel will access
>> to invalid location.
>>
>> Signed-off-by: Matti Vaittinen <mazziesaccount@...il.com>
>> Fixes: 15097c7a1adc ("iio: buffer: wrap all buffer attributes into iio_dev_attr")
> 
> Hi Matti,
> 
> This feels like we are doing too much in one go.
> I would start with fixes for each individual driver, then once those are in we
> come around again and do the refactor.
> 
> So for the first patch set (one per driver) just siwtch to yor new
> dev_attr but still use a struct attribute * array.
> Second series then does the refactor so we don't introduce any new instances
> in future. More churn but the code to backport is more tightly confined.

Agreed. Besides, backporting the fix to stable will be much easier that 
way. I'll split this for v3. Thanks for the input!


Yours,
	--Matti

-- 
Matti Vaittinen
Linux kernel developer at ROHM Semiconductors
Oulu Finland

~~ When things go utterly wrong vim users can always type :help! ~~

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ