[RFT PATCH v2 2/2] iio: Fix unsafe buffer attributes
Jonathan Cameron
jic23 at kernel.org
Sun Oct 2 06:57:08 PDT 2022
On Sat, 1 Oct 2022 10:44:23 +0300
Matti Vaittinen <mazziesaccount at gmail.com> wrote:
> The iio_triggered_buffer_setup_ext() was changed by
> commit 15097c7a1adc ("iio: buffer: wrap all buffer attributes into iio_dev_attr")
> to silently expect that all attributes given in buffer_attrs array are
> device-attributes. This expectation was not forced by the API - and some
> drivers did register attributes created by IIO_CONST_ATTR().
>
> The added attribute "wrapping" does not copy the pointer to stored
> string constant and when the sysfs file is read the kernel will access
> to invalid location.
>
> Signed-off-by: Matti Vaittinen <mazziesaccount at gmail.com>
> Fixes: 15097c7a1adc ("iio: buffer: wrap all buffer attributes into iio_dev_attr")
Hi Matti,
This feels like we are doing too much in one go.
I would start with fixes for each individual driver, then once those are in we
come around again and do the refactor.
So for the first patch set (one per driver) just siwtch to yor new
dev_attr but still use a struct attribute * array.
Second series then does the refactor so we don't introduce any new instances
in future. More churn but the code to backport is more tightly confined.
Thanks,
Jonathan
>
> ---
>
> v1 => v2:
> fix also industrialio-buffer-dmaengine.c and cros_ec_sensors_core.c
>
> The fix is only superficially tested by a ROHM/kionix KX022A driver.
> Proper testing with real in-tree IIO stuff is _highly_ appreciated.
More information about the linux-arm-kernel
mailing list