redonkable
/
alistair23-linux
1
0
Fork 0
Code Releases Activity
alistair23-linux/drivers/iio/imu
History
Jonathan Cameron 06c672dd61 iio:imu:bmi160: Fix alignment and data leak issues 
commit 7b6b51234d upstream

One of a class of bugs pointed out by Lars in a recent review.
iio_push_to_buffers_with_timestamp assumes the buffer used is aligned
to the size of the timestamp (8 bytes).  This is not guaranteed in
this driver which uses an array of smaller elements on the stack.
As Lars also noted this anti pattern can involve a leak of data to
userspace and that indeed can happen here.  We close both issues by
moving to a suitable array in the iio_priv() data with alignment
explicitly requested.  This data is allocated with kzalloc() so no
data can leak apart from previous readings.

In this driver, depending on which channels are enabled, the timestamp
can be in a number of locations.  Hence we cannot use a structure
to specify the data layout without it being misleading.

Fixes: 77c4ad2d6a ("iio: imu: Add initial support for Bosch BMI160")
Reported-by: Lars-Peter Clausen <lars@metafoo.de>
Signed-off-by: Jonathan Cameron <Jonathan.Cameron@huawei.com>
Reviewed-by: Alexandru Ardelean <alexandru.ardelean@analog.com>
Cc: Daniel Baluta  <daniel.baluta@gmail.com>
Cc: Daniel Baluta <daniel.baluta@oss.nxp.com>
Cc: <Stable@vger.kernel.org>
Link: https://lore.kernel.org/r/20200920112742.170751-6-jic23@kernel.org
[sudip: adjust context]
Signed-off-by: Sudip Mukherjee <sudipm.mukherjee@gmail.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
 		2021-01-09 13:44:54 +01:00
..
bmi160 iio:imu:bmi160: Fix alignment and data leak issues 2021-01-09 13:44:54 +01:00
inv_mpu6050 iio: imu: inv_mpu6050: fix temperature reporting using bad unit 2019-12-17 19:55:42 +01:00
st_lsm6dsx iio: imu: st_lsm6dsx: Fix selection of ST_LSM6DS3_ID 2020-01-23 08:22:33 +01:00
Kconfig iio: imu: Add support for the ADIS16460 IMU 2019-07-27 22:52:06 +01:00
Makefile iio: imu: Add support for the ADIS16460 IMU 2019-07-27 22:52:06 +01:00
adis.c iio: imu: adis: Add support for SPI transfer cs_change_delay 2019-07-27 22:52:06 +01:00
adis16400.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500 2019-06-19 17:09:55 +02:00
adis16460.c iio: imu: adis16460: fix variable signedness 2019-08-18 18:53:15 +01:00
adis16480.c iio: imu: adis16480: assign bias value only if operation succeeded 2020-01-17 19:48:48 +01:00
adis_buffer.c iio: imu: adis16400: fix memory leak 2019-10-09 19:11:27 +01:00
adis_trigger.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 149 2019-05-30 11:25:18 -07:00
kmx61.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 330 2019-06-05 17:37:06 +02:00