[PATCH v3 00/10] iio: Fix unsafe buffer attributes

From: Matti Vaittinen
Date: Mon Oct 03 2022 - 04:37:20 EST


IIO The iio_triggered_buffer_setup_ext() has been changed to expect that
all attributes given in buffer_attrs array are device-attributes. This
expectation has not been forced by the API and not all existing users
were checked. Some drivers do register attributes created by
IIO_CONST_ATTR().

The added attribute "wrapping" does not copy the pointer to stored
string constant and when the sysfs file is read the kernel will access
to invalid address.

First 4 patches in the series aim to address both the drivers using
IIO_CONST_ATTR(). These patches should be backportable. Please note that
these patches have not been tested in the HW so testing/reviewing is
highly appreciated.

Following 4 (patches 5 ... 9) contain a minor simplification adding a
macro for omitting open-coding of dummy attribute show functions.

I am not super happy about the new macro IIO_STATIC_CONST_DEVICE_ATTR()
which unconditionally creates a static function and a static struct
iio_dev_attr. OTOH, I do believe static function + static struct
iio_dev_attr should be the right thing to do for majority of use cases.

The last patch in the series (patch 10) aims to change the function
signatures so that similar issues would be avoided in the future.

Here we also change the struct iio_buffer to have array of pointers to
iio_dev_attr in order to avoid yet another copying in side the
iio_triggered_buffer_setup_ext(). This change appeared to be somewhat
intrusive - and as I lack the hardware to do thorough testing I added
the request for testing tag here. Especially testing of adi-axi-adc
would be highly appreciated as it is using the
industrialio-buffer-dmaengine.

Changelog v3:
- Split the series to allow easier backport and review. This also
allows merging the smaller fixes with less of a risk for crashing
and burning everything :)

Changelog v2:
- fix also the cros_ec_sensors_core.c
- fix also the industrialio-buffer-dmaengine.c
- add RFT + this cover-letter.

--


Matti Vaittinen (10):
iio: adxl367: Fix unsafe buffer attributes
iio: adxl372: Fix unsafe buffer attributes
iio: bmc150-accel-core: Fix unsafe buffer attributes
iio: at91-sama5d2_adc: Fix unsafe buffer attributes
iio: Add IIO_STATIC_CONST_DEVICE_ATTR
iio: adxl367: Use IIO_STATIC_CONST_DEVICE_ATTR()
iio: adxl372: Use IIO_STATIC_CONST_DEVICE_ATTR()
iio: bmc150-accel-core: Use IIO_STATIC_CONST_DEVICE_ATTR()
iio: at91-sama5d2_adc: Use IIO_STATIC_CONST_DEVICE_ATTR()
iio: Don't silently expect attribute types

drivers/iio/accel/adxl367.c | 16 ++++++++--------
drivers/iio/accel/adxl372.c | 16 ++++++++--------
drivers/iio/accel/bmc150-accel-core.c | 18 +++++++++---------
drivers/iio/adc/at91-sama5d2_adc.c | 16 ++++++++--------
.../iio/buffer/industrialio-buffer-dmaengine.c | 4 ++--
.../iio/buffer/industrialio-triggered-buffer.c | 4 ++--
drivers/iio/buffer/kfifo_buf.c | 2 +-
.../cros_ec_sensors/cros_ec_sensors_core.c | 6 +++---
.../common/hid-sensors/hid-sensor-trigger.c | 8 ++++----
drivers/iio/industrialio-buffer.c | 11 +++++++----
include/linux/iio/buffer_impl.h | 2 +-
include/linux/iio/kfifo_buf.h | 3 ++-
include/linux/iio/sysfs.h | 11 +++++++++++
include/linux/iio/triggered_buffer.h | 6 +++---
14 files changed, 69 insertions(+), 54 deletions(-)


base-commit: f76349cf41451c5c42a99f18a9163377e4b364ff
--
2.37.3


--
Matti Vaittinen, Linux device drivers
ROHM Semiconductors, Finland SWDC
Kiviharjunlenkki 1E
90220 OULU
FINLAND

~~~ "I don't think so," said Rene Descartes. Just then he vanished ~~~
Simon says - in Latin please.
~~~ "non cogito me" dixit Rene Descarte, deinde evanescavit ~~~
Thanks to Simon Glass for the translation =]

Attachment: signature.asc
Description: PGP signature