linux-kernel.vger.kernel.org archive mirror
* [PATCH] gpiolib: avoid uninitialized data in gpio kfifo
@ 2016-06-16  9:02 Arnd Bergmann
  2016-06-16 10:00 ` Linus Walleij
  0 siblings, 1 reply; 2+ messages in thread
From: Arnd Bergmann @ 2016-06-16  9:02 UTC (permalink / raw)
  To: Linus Walleij, Alexandre Courbot; +Cc: Arnd Bergmann, linux-gpio, linux-kernel

gcc reports a theoretical case for returning uninitialized data in
the kfifo when a GPIO interrupt happens and neither
GPIOEVENT_REQUEST_RISING_EDGE nor GPIOEVENT_REQUEST_FALLING_EDGE
are set:

drivers/gpio/gpiolib.c: In function 'lineevent_irq_thread':
drivers/gpio/gpiolib.c:683:87: error: 'ge.id' may be used uninitialized in this function [-Werror=maybe-uninitialized]

This case should not happen, but to be on the safe side, let's
return from the irq handler without adding data to the FIFO
to ensure we can never leak stack data to user space.

Signed-off-by: Arnd Bergmann <arnd@arndb.de>
Fixes: 61f922db7221 ("gpio: userspace ABI for reading GPIO line events")
---
 drivers/gpio/gpiolib.c | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/drivers/gpio/gpiolib.c b/drivers/gpio/gpiolib.c
index 8b3db593f356..3466e6198351 100644
--- a/drivers/gpio/gpiolib.c
+++ b/drivers/gpio/gpiolib.c
@@ -674,6 +674,8 @@ irqreturn_t lineevent_irq_thread(int irq, void *p)
 	} else if (le->eflags & GPIOEVENT_REQUEST_FALLING_EDGE) {
 		/* Emit high-to-low event */
 		ge.id = GPIOEVENT_EVENT_FALLING_EDGE;
+	} else {
+		return IRQ_NONE;
 	}
 
 	ret = kfifo_put(&le->events, ge);
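Review bot: the new else branch protects only ge.id, while kfifo_put(&le->events, ge) copies the whole struct into the FIFO that user space reads. Any other member or padding of ge is initialized outside this hunk, so it is worth confirming that ge is fully zeroed where it is declared (for example with a memset before the fields are filled in); that would close the stack-leak path regardless of which branch runs. The else branch would also benefit from a one-line comment saying it is not expected to be reached, and possibly a WARN_ONCE, since "return IRQ_NONE;" silently drops the event and an unexpected eflags state would otherwise go unnoticed.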
-- 
2.9.0


* Re: [PATCH] gpiolib: avoid uninitialized data in gpio kfifo
  2016-06-16  9:02 [PATCH] gpiolib: avoid uninitialized data in gpio kfifo Arnd Bergmann
@ 2016-06-16 10:00 ` Linus Walleij
  0 siblings, 0 replies; 2+ messages in thread
From: Linus Walleij @ 2016-06-16 10:00 UTC (permalink / raw)
  To: Arnd Bergmann; +Cc: Alexandre Courbot, linux-gpio, linux-kernel

On Thu, Jun 16, 2016 at 11:02 AM, Arnd Bergmann <arnd@arndb.de> wrote:

> gcc reports a theoretical case for returning uninitialized data in
> the kfifo when a GPIO interrupt happens and neither
> GPIOEVENT_REQUEST_RISING_EDGE nor GPIOEVENT_REQUEST_FALLING_EDGE
> are set:
>
> drivers/gpio/gpiolib.c: In function 'lineevent_irq_thread':
> drivers/gpio/gpiolib.c:683:87: error: 'ge.id' may be used uninitialized in this function [-Werror=maybe-uninitialized]
>
> This case should not happen, but to be on the safe side, let's
> return from the irq handler without adding data to the FIFO
> to ensure we can never leak stack data to user space.
>
> Signed-off-by: Arnd Bergmann <arnd@arndb.de>
> Fixes: 61f922db7221 ("gpio: userspace ABI for reading GPIO line events")

Patch applied, good catch, thanks!

Yours,
Linus Walleij

