| Message ID | 20180716083424.11157-2-brgl@bgdev.pl |
|---|---|
| State | New |
| Headers | show |
| Series | gpiolib: linehandle_ioctl() tweaks | expand |
On Mon, Jul 16, 2018 at 10:34 AM Bartosz Golaszewski <brgl@bgdev.pl> wrote: > User space can currently both read and set values of input lines using > the character device. This was not allowed by the old sysfs interface > nor is it a correct behavior. > > Check the first descriptor in the set for the OUT flag when asked to > set values and return -EPERM if the line is input. > > Signed-off-by: Bartosz Golaszewski <brgl@bgdev.pl> Patch applied! Thanks for fixing this. > } else if (cmd == GPIOHANDLE_SET_LINE_VALUES_IOCTL) { > - /* TODO: check if descriptors are really output */ I wonder what kind of lazy coder leaves this kind of garbage behind for others to fix up... d7c51b47ac11e (Linus Walleij 2016-04-26 10:35:29 +0200 451) } else if (cmd == GPIOHANDLE_SET_LINE_VALUES_IOCTL) { d7c51b47ac11e (Linus Walleij 2016-04-26 10:35:29 +0200 452) /* TODO: check if descriptors are really output */ d7c51b47ac11e (Linus Walleij 2016-04-26 10:35:29 +0200 453) if (copy_from_user(&ghd, ip, sizeof(ghd))) Oh that guy. Yours, Linus Walleij -- To unsubscribe from this list: send the line "unsubscribe linux-gpio" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
2018-07-16 15:40 GMT+02:00 Linus Walleij <linus.walleij@linaro.org>: > On Mon, Jul 16, 2018 at 10:34 AM Bartosz Golaszewski <brgl@bgdev.pl> wrote: > >> User space can currently both read and set values of input lines using >> the character device. This was not allowed by the old sysfs interface >> nor is it a correct behavior. >> >> Check the first descriptor in the set for the OUT flag when asked to >> set values and return -EPERM if the line is input. >> >> Signed-off-by: Bartosz Golaszewski <brgl@bgdev.pl> > > Patch applied! Thanks for fixing this. > Thanks. Do you think we should Cc stable on that one? Bart -- To unsubscribe from this list: send the line "unsubscribe linux-gpio" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
On Mon, Jul 16, 2018 at 4:13 PM Bartosz Golaszewski <brgl@bgdev.pl> wrote: > 2018-07-16 15:40 GMT+02:00 Linus Walleij <linus.walleij@linaro.org>: > > On Mon, Jul 16, 2018 at 10:34 AM Bartosz Golaszewski <brgl@bgdev.pl> wrote: > > > >> User space can currently both read and set values of input lines using > >> the character device. This was not allowed by the old sysfs interface > >> nor is it a correct behavior. > >> > >> Check the first descriptor in the set for the OUT flag when asked to > >> set values and return -EPERM if the line is input. > >> > >> Signed-off-by: Bartosz Golaszewski <brgl@bgdev.pl> > > > > Patch applied! Thanks for fixing this. > > Thanks. Do you think we should Cc stable on that one? Nah. It's not a regression. (Not like things that worked before stopped working.) Yours, Linus Walleij -- To unsubscribe from this list: send the line "unsubscribe linux-gpio" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
diff --git a/drivers/gpio/gpiolib.c b/drivers/gpio/gpiolib.c index e11a3bb03820..57973524360d 100644 --- a/drivers/gpio/gpiolib.c +++ b/drivers/gpio/gpiolib.c @@ -449,7 +449,13 @@ static long linehandle_ioctl(struct file *filep, unsigned int cmd, return 0; } else if (cmd == GPIOHANDLE_SET_LINE_VALUES_IOCTL) { - /* TODO: check if descriptors are really output */ + /* + * All line descriptors were created at once with the same + * flags so just check if the first one is really output. + */ + if (!test_bit(FLAG_IS_OUT, &lh->descs[0]->flags)) + return -EPERM; + if (copy_from_user(&ghd, ip, sizeof(ghd))) return -EFAULT;
User space can currently both read and set values of input lines using the character device. This was not allowed by the old sysfs interface nor is it a correct behavior. Check the first descriptor in the set for the OUT flag when asked to set values and return -EPERM if the line is input. Signed-off-by: Bartosz Golaszewski <brgl@bgdev.pl> --- drivers/gpio/gpiolib.c | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-)