linux-kernel.vger.kernel.org archive mirror
 help / color / mirror / Atom feed
* [PATCH] clk: samsung: Suppress unbinding to prevent theoretical attacks
@ 2016-05-17  7:26 Krzysztof Kozlowski
  2016-05-21  2:30 ` Javier Martinez Canillas
  2016-06-18 14:37 ` Tomasz Figa
  0 siblings, 2 replies; 3+ messages in thread
From: Krzysztof Kozlowski @ 2016-05-17  7:26 UTC (permalink / raw)
  To: Sylwester Nawrocki, Tomasz Figa, Michael Turquette, Stephen Boyd,
	Kukjin Kim, Krzysztof Kozlowski, linux-samsung-soc, linux-clk,
	linux-arm-kernel, linux-kernel
  Cc: Bartlomiej Zolnierkiewicz, Marek Szyprowski

Although unbinding a driver requires root privileges but it still might
be used theoretically in certain attacks (by triggering NULL pointer
exception or memory corruption if driver does not provide proper remove
callbacks or core does not handle it).

Samsung clock drivers are essential for system operation so their
removal is not expected. More over, the Exynos3250 ISP clock driver does
not implement remove() driver callback and it is not buildable as
modules.

Suppress the unbind interface for Exynos3250 ISP and S3C2410 DCLK clock
drivers.

Suggested-by: Marek Szyprowski <m.szyprowski@samsung.com>
Cc: Marek Szyprowski <m.szyprowski@samsung.com>
Signed-off-by: Krzysztof Kozlowski <k.kozlowski@samsung.com>
---
 drivers/clk/samsung/clk-exynos3250.c   | 1 +
 drivers/clk/samsung/clk-s3c2410-dclk.c | 5 +++--
 2 files changed, 4 insertions(+), 2 deletions(-)

diff --git a/drivers/clk/samsung/clk-exynos3250.c b/drivers/clk/samsung/clk-exynos3250.c
index 16575ee874cb..dc4d493e61c2 100644
--- a/drivers/clk/samsung/clk-exynos3250.c
+++ b/drivers/clk/samsung/clk-exynos3250.c
@@ -1087,6 +1087,7 @@ static const struct of_device_id exynos3250_cmu_isp_of_match[] = {
 static struct platform_driver exynos3250_cmu_isp_driver = {
 	.driver = {
 		.name = "exynos3250-cmu-isp",
+		.suppress_bind_attrs = true,
 		.of_match_table = exynos3250_cmu_isp_of_match,
 	},
 };
diff --git a/drivers/clk/samsung/clk-s3c2410-dclk.c b/drivers/clk/samsung/clk-s3c2410-dclk.c
index ec6fb14d951c..ae9a595c72d0 100644
--- a/drivers/clk/samsung/clk-s3c2410-dclk.c
+++ b/drivers/clk/samsung/clk-s3c2410-dclk.c
@@ -428,8 +428,9 @@ MODULE_DEVICE_TABLE(platform, s3c24xx_dclk_driver_ids);
 
 static struct platform_driver s3c24xx_dclk_driver = {
 	.driver = {
-		.name		= "s3c24xx-dclk",
-		.pm		= &s3c24xx_dclk_pm_ops,
+		.name			= "s3c24xx-dclk",
+		.pm			= &s3c24xx_dclk_pm_ops,
+		.suppress_bind_attrs	= true,
 	},
 	.probe = s3c24xx_dclk_probe,
 	.remove = s3c24xx_dclk_remove,
-- 
1.9.1

^ permalink raw reply related	[flat|nested] 3+ messages in thread
* Re: [PATCH] clk: samsung: Suppress unbinding to prevent theoretical attacks
  2016-05-17  7:26 [PATCH] clk: samsung: Suppress unbinding to prevent theoretical attacks Krzysztof Kozlowski
@ 2016-05-21  2:30 ` Javier Martinez Canillas
  2016-06-18 14:37 ` Tomasz Figa
  1 sibling, 0 replies; 3+ messages in thread
From: Javier Martinez Canillas @ 2016-05-21  2:30 UTC (permalink / raw)
  To: Krzysztof Kozlowski, Sylwester Nawrocki, Tomasz Figa,
	Michael Turquette, Stephen Boyd, Kukjin Kim, linux-samsung-soc,
	linux-clk, linux-arm-kernel, linux-kernel
  Cc: Bartlomiej Zolnierkiewicz, Marek Szyprowski

Hello Krzysztof,

On 05/17/2016 03:26 AM, Krzysztof Kozlowski wrote:
> Although unbinding a driver requires root privileges but it still might
> be used theoretically in certain attacks (by triggering NULL pointer
> exception or memory corruption if driver does not provide proper remove
> callbacks or core does not handle it).
> 
> Samsung clock drivers are essential for system operation so their
> removal is not expected. More over, the Exynos3250 ISP clock driver does
> not implement remove() driver callback and it is not buildable as
> modules.
> 
> Suppress the unbind interface for Exynos3250 ISP and S3C2410 DCLK clock
> drivers.
> 
> Suggested-by: Marek Szyprowski <m.szyprowski@samsung.com>
> Cc: Marek Szyprowski <m.szyprowski@samsung.com>
> Signed-off-by: Krzysztof Kozlowski <k.kozlowski@samsung.com>
> ---

Reviewed-by: Javier Martinez Canillas <javier@osg.samsung.com>

Best regards,
-- 
Javier Martinez Canillas
Open Source Group
Samsung Research America

^ permalink raw reply	[flat|nested] 3+ messages in thread
* Re: [PATCH] clk: samsung: Suppress unbinding to prevent theoretical attacks
  2016-05-17  7:26 [PATCH] clk: samsung: Suppress unbinding to prevent theoretical attacks Krzysztof Kozlowski
  2016-05-21  2:30 ` Javier Martinez Canillas
@ 2016-06-18 14:37 ` Tomasz Figa
  1 sibling, 0 replies; 3+ messages in thread
From: Tomasz Figa @ 2016-06-18 14:37 UTC (permalink / raw)
  To: Krzysztof Kozlowski
  Cc: Sylwester Nawrocki, Michael Turquette, Stephen Boyd, Kukjin Kim,
	linux-samsung-soc, linux-clk, linux-arm-kernel, linux-kernel,
	Bartlomiej Zolnierkiewicz, Marek Szyprowski

Hi,

2016-05-17 16:26 GMT+09:00 Krzysztof Kozlowski <k.kozlowski@samsung.com>:
> Although unbinding a driver requires root privileges but it still might
> be used theoretically in certain attacks (by triggering NULL pointer
> exception or memory corruption if driver does not provide proper remove
> callbacks or core does not handle it).
>
> Samsung clock drivers are essential for system operation so their
> removal is not expected. More over, the Exynos3250 ISP clock driver does
> not implement remove() driver callback and it is not buildable as
> modules.
>
> Suppress the unbind interface for Exynos3250 ISP and S3C2410 DCLK clock
> drivers.
>
> Suggested-by: Marek Szyprowski <m.szyprowski@samsung.com>
> Cc: Marek Szyprowski <m.szyprowski@samsung.com>
> Signed-off-by: Krzysztof Kozlowski <k.kozlowski@samsung.com>
> ---
>  drivers/clk/samsung/clk-exynos3250.c   | 1 +
>  drivers/clk/samsung/clk-s3c2410-dclk.c | 5 +++--
>  2 files changed, 4 insertions(+), 2 deletions(-)

Makes sense. (By the way, I wonder if we ever see a solution for the
unbind problem with .remove implemented and some resources that can't
be released at the time .unbind is attempted...)

Acked-by: Tomasz Figa <tomasz.figa@gmail.com>

Best regards,
Tomasz

^ permalink raw reply	[flat|nested] 3+ messages in thread
end of thread, other threads:[~2016-06-18 14:37 UTC | newest]

Thread overview: 3+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2016-05-17  7:26 [PATCH] clk: samsung: Suppress unbinding to prevent theoretical attacks Krzysztof Kozlowski
2016-05-21  2:30 ` Javier Martinez Canillas
2016-06-18 14:37 ` Tomasz Figa

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).