lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <2cedd8f292b893f0e82aacf03c0989b17bfbf69b.camel@baylibre.com>
Date: Mon, 09 Feb 2026 09:02:43 +0100
From: Francesco Lavra <flavra@...libre.com>
To: Lorenzo Bianconi <lorenzo@...nel.org>, Jonathan Cameron
 <jic23@...nel.org>,  David Lechner <dlechner@...libre.com>, Nuno
 Sá <nuno.sa@...log.com>, Andy Shevchenko
 <andy@...nel.org>, linux-iio@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH v5 2/4] iio: imu: st_lsm6dsx: Set buffer sampling
 frequency for accelerometer only

On Thu, 2026-01-22 at 17:23 +0100, Francesco Lavra wrote:
> The st_lsm6dsx_hwfifo_odr_store() function, which is called when
> userspace
> writes the buffer sampling frequency sysfs attribute, calls
> st_lsm6dsx_check_odr(), which accesses the odr_table array at index
> `sensor->id`; since this array is only 2 entries long, an access for any
> sensor type other than accelerometer or gyroscope is an out-of-bounds
> access.
> 
> The motivation for being able to set a buffer frequency different from
> the
> sensor sampling frequency is to support use cases that need accurate
> event
> detection (which requires a high sampling frequency) while retrieving
> sensor data at low frequency. Since all the supported event types are
> generated from acceleration data only, do not create the buffer sampling
> frequency attribute for sensor types other than the accelerometer.
> 
> Fixes: 6b648a36c200 ("iio: imu: st_lsm6dsx: Decouple sensor ODR from FIFO
> batch data rate")

This patch didn't make it to 6.19. Would it still be OK to merge this in
the next release cycle? It technically changes userspace, but I think this
change can be put in the "no one will notice" category.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ