| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <aLgrqZETNLmuMHhv@smile.fi.intel.com> Date: Wed, 3 Sep 2025 14:51:05 +0300 From: Andy Shevchenko <andriy.shevchenko@...el.com> To: Bartosz Golaszewski <brgl@...ev.pl> Cc: Andy Shevchenko <andy.shevchenko@...il.com>, Linus Walleij <linus.walleij@...aro.org>, Bjorn Andersson <andersson@...nel.org>, Konrad Dybcio <konradybcio@...nel.org>, Alexey Klimov <alexey.klimov@...aro.org>, Lorenzo Bianconi <lorenzo@...nel.org>, Sean Wang <sean.wang@...nel.org>, Matthias Brugger <matthias.bgg@...il.com>, AngeloGioacchino Del Regno <angelogioacchino.delregno@...labora.com>, Paul Cercueil <paul@...pouillou.net>, Kees Cook <kees@...nel.org>, Andy Shevchenko <andy@...nel.org>, Andrew Morton <akpm@...ux-foundation.org>, David Hildenbrand <david@...hat.com>, Lorenzo Stoakes <lorenzo.stoakes@...cle.com>, "Liam R. Howlett" <Liam.Howlett@...cle.com>, Vlastimil Babka <vbabka@...e.cz>, Mike Rapoport <rppt@...nel.org>, Suren Baghdasaryan <surenb@...gle.com>, Michal Hocko <mhocko@...e.com>, Dong Aisheng <aisheng.dong@....com>, Fabio Estevam <festevam@...il.com>, Shawn Guo <shawnguo@...nel.org>, Jacky Bai <ping.bai@....com>, Pengutronix Kernel Team <kernel@...gutronix.de>, NXP S32 Linux Team <s32@....com>, Sascha Hauer <s.hauer@...gutronix.de>, Tony Lindgren <tony@...mide.com>, Haojian Zhuang <haojian.zhuang@...aro.org>, Geert Uytterhoeven <geert+renesas@...der.be>, Greg Kroah-Hartman <gregkh@...uxfoundation.org>, "Rafael J. Wysocki" <rafael@...nel.org>, Danilo Krummrich <dakr@...nel.org>, Neil Armstrong <neil.armstrong@...aro.org>, Mark Brown <broonie@...nel.org>, linux-gpio@...r.kernel.org, linux-kernel@...r.kernel.org, linux-arm-msm@...r.kernel.org, linux-mediatek@...ts.infradead.org, linux-arm-kernel@...ts.infradead.org, linux-mips@...r.kernel.org, linux-hardening@...r.kernel.org, linux-mm@...ck.org, imx@...ts.linux.dev, linux-omap@...r.kernel.org, linux-renesas-soc@...r.kernel.org, Bartosz Golaszewski <bartosz.golaszewski@...aro.org>, Konrad Dybcio <konrad.dybcio@....qualcomm.com> Subject: Re: [PATCH v7 16/16] pinctrl: qcom: make the pinmuxing strict On Wed, Sep 03, 2025 at 01:05:27PM +0200, Bartosz Golaszewski wrote: > On Wed, Sep 3, 2025 at 12:53 PM Andy Shevchenko > <andriy.shevchenko@...el.com> wrote: > > On Wed, Sep 03, 2025 at 12:41:48PM +0200, Bartosz Golaszewski wrote: > > > On Wed, Sep 3, 2025 at 12:38 PM Andy Shevchenko > > > <andriy.shevchenko@...el.com> wrote: > > > > On Wed, Sep 03, 2025 at 12:34:00PM +0200, Bartosz Golaszewski wrote: > > > > > On Wed, Sep 3, 2025 at 12:22 PM Andy Shevchenko > > > > > <andriy.shevchenko@...el.com> wrote: > > > > > > On Wed, Sep 03, 2025 at 09:33:34AM +0200, Bartosz Golaszewski wrote: > > > > > > > On Tue, Sep 2, 2025 at 10:46 PM Andy Shevchenko > > > > > > > <andy.shevchenko@...il.com> wrote: > > > > > > > > On Tue, Sep 2, 2025 at 8:42 PM Bartosz Golaszewski <brgl@...ev.pl> wrote: > > > > > > > > > On Tue, Sep 2, 2025 at 4:38 PM Andy Shevchenko > > > > > > > > > <andriy.shevchenko@...el.com> wrote: > > > > > > > > > > On Tue, Sep 02, 2025 at 01:59:25PM +0200, Bartosz Golaszewski wrote: ... > > > > > > > > > > > The strict flag in struct pinmux_ops disallows the usage of the same pin > > > > > > > > > > > as a GPIO and for another function. Without it, a rouge user-space > > > > > > > > > > > process with enough privileges (or even a buggy driver) can request a > > > > > > > > > > > used pin as GPIO and drive it, potentially confusing devices or even > > > > > > > > > > > crashing the system. Set it globally for all pinctrl-msm users. > > > > > > > > > > > > > > > > > > > > How does this keep (or allow) I²C generic recovery mechanism to work? > > > > > > > > > > > > > > Anyway, what is your point? I don't think it has any impact on this. > > > > > > > > > > > > If we have a group of pins that are marked as I²C, and we want to use recovery > > > > > > via GPIOs, would it be still possible to request as GPIO when controller driver > > > > > > is in the strict mode? > > > > > > > > > > Yes, if you mark that function as a "GPIO" function in the pin > > > > > controller driver. > > > > > > > > How would it prevent from requesting from user space? > > > > > > It wouldn't, we don't discriminate between user-space and in-kernel > > > GPIO users. A function either is a GPIO or isn't. Can you point me to > > > the driver you're thinking about or is this a purely speculative > > > question? > > > > The recovery mechanism is in I²C core and many drivers use that. > > I'm not aware of Qualcomm drivers in particular. But mechanism is > > in use in I²C DesignWare which is distributed a lot among platforms, > > so using word 'purely' is incorrect, and word 'speculative' is a bit > > strong, but you can think of the issue coming later on when somebody > > does something like this. > > > > The same applies to the in-band wakeup UART mechanism. > > > > Which means that with this series we will relax it back anyway for > > the above mentioned cases. > > > > (Not sure, but SPI DesignWare requires programming SPI native chip selects even > > if the GPIO is used for that, this might have also some implications, but here > > it's for real 'purely speculative'.) > > The high-level answer is: yes, a pin that will be used by GPIOLIB > needs the function it's muxed to, to be marked as "GPIOable" in its > parent pin controller if it's strict. That's still better than the > current situation. > > I can imagine we could differentiate between in-kernel and user-space > users of GPIOs and then make it impossible for the latter to request > certain pins while they could still be requested in the kernel but > that's outside of the scope of this series. > > I don't see why this would stop these patches though, as they don't > break anything unless you decide to make your pin controller strict in > which situation you'd need to verify which functions can GPIOs anyway. It can't anyway, Linus already applied :-) -- With Best Regards, Andy Shevchenko
Powered by blists - more mailing lists