This is a note to let you know that I've just added the patch titled
gpio: GPIO_GET_LINEEVENT_IOCTL: Reject invalid line and event flags
to the 4.8-stable tree which can be found at:
http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary
The filename of the patch is:
gpio-gpio_get_lineevent_ioctl-reject-invalid-line-and-event-flags.patch
and it can be found in the queue-4.8 subdirectory.
If you, or anyone else, feels it should not be added to the stable tree,
please let <stable@xxxxxxxxxxxxxxx> know about it.
>From ac7dbb991ee5afc0beacce3a252dcaaa249a7786 Mon Sep 17 00:00:00 2001
From: Lars-Peter Clausen <lars@xxxxxxxxxx>
Date: Tue, 18 Oct 2016 16:54:06 +0200
Subject: gpio: GPIO_GET_LINEEVENT_IOCTL: Reject invalid line and event flags
From: Lars-Peter Clausen <lars@xxxxxxxxxx>
commit ac7dbb991ee5afc0beacce3a252dcaaa249a7786 upstream.
The GPIO_GET_LINEEVENT_IOCTL currently ignores unknown or undefined
linehandle and lineevent flags. From a backwards and forwards compatibility
viewpoint it is highly desirable to reject unknown flags though.
On one hand an application that is using newer flags and is running on
an older kernel has no way to detect if the new flags were handled
correctly if they are silently discarded.
On the other hand an application that (accidentally) passes undefined flags
will run fine on an older kernel, but may break on a newer kernel when
these flags get defined.
Ensure that requests that have undefined flags set are rejected with an
error, rather than silently discarding the undefined flags.
Fixes: 61f922db7221 ("gpio: userspace ABI for reading GPIO line events")
Signed-off-by: Lars-Peter Clausen <lars@xxxxxxxxxx>
Signed-off-by: Linus Walleij <linus.walleij@xxxxxxxxxx>
Signed-off-by: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
---
drivers/gpio/gpiolib.c | 11 +++++++++++
1 file changed, 11 insertions(+)
--- a/drivers/gpio/gpiolib.c
+++ b/drivers/gpio/gpiolib.c
@@ -554,6 +554,10 @@ struct lineevent_state {
struct mutex read_lock;
};
+#define GPIOEVENT_REQUEST_VALID_FLAGS \
+ (GPIOEVENT_REQUEST_RISING_EDGE | \
+ GPIOEVENT_REQUEST_FALLING_EDGE)
+
static unsigned int lineevent_poll(struct file *filep,
struct poll_table_struct *wait)
{
@@ -748,6 +752,13 @@ static int lineevent_create(struct gpio_
ret = -EINVAL;
goto out_free_label;
}
+
+ /* Return an error if a unknown flag is set */
+ if ((lflags & ~GPIOHANDLE_REQUEST_VALID_FLAGS) ||
+ (eflags & ~GPIOEVENT_REQUEST_VALID_FLAGS)) {
+ ret = -EINVAL;
+ goto out_free_label;
+ }
/* This is just wrong: we don't look for events on output lines */
if (lflags & GPIOHANDLE_REQUEST_OUTPUT) {
Patches currently in stable-queue which might be from lars@xxxxxxxxxx are
queue-4.8/gpio-gpio_get_chipinfo_ioctl-fix-line-offset-validation.patch
queue-4.8/gpio-gpio_get_line-handle-event-_ioctl-fix-file-descriptor-leak.patch
queue-4.8/gpio-gpio_get_chipinfo_ioctl-fix-information-leak.patch
queue-4.8/gpio-gpio_get_lineevent_ioctl-reject-invalid-line-and-event-flags.patch
queue-4.8/gpio-gpiohandle_get_line_values_ioctl-fix-another-information-leak.patch
queue-4.8/gpio-gpio_get_linehandle_ioctl-reject-invalid-line-flags.patch
queue-4.8/gpio-gpio_get_lineevent_ioctl-validate-line-offset.patch
queue-4.8/gpio-gpiohandle_get_line_values_ioctl-fix-information-leak.patch
queue-4.8/gpio-gpio_get_linehandle_ioctl-validate-line-offset.patch
--
To unsubscribe from this list: send the line "unsubscribe stable" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html