[00/11] iio: fix information leaks in triggered buffers

Message

Javier Carrasco Nov. 25, 2024, 9:16 p.m. UTC

This issue was found after attempting to make the same mistake for
a driver I maintain, which was fortunately spotted by Jonathan [1].

Keeping old sensor values if the channel configuration changes is known
and not considered an issue, which is also mentioned in [1], so it has
not been addressed by this series. That keeps most of the drivers out
of the way because they store the scan element in iio private data,
which is kzalloc() allocated.

This series only addresses cases where uninitialized i.e. unknown data
is pushed to the userspace, either due to holes in structs or
uninitialized struct members/array elements.

While analyzing involved functions, I found and fixed some triviality
(wrong function name) in the documentation of iio_dev_opaque.

Link: https://lore.kernel.org/linux-iio/20241123151634.303aa860@jic23-huawei/ [1]

Signed-off-by: Javier Carrasco <javier.carrasco.cruz@gmail.com>
---
Javier Carrasco (11):
      iio: temperature: tmp006: fix information leak in triggered buffer
      iio: adc: ti-ads1119: fix information leak in triggered buffer
      iio: pressure: zpa2326: fix information leak in triggered buffer
      iio: adc: rockchip_saradc: fix information leak in triggered buffer
      iio: imu: kmx61: fix information leak in triggered buffer
      iio: light: vcnl4035: fix information leak in triggered buffer
      iio: light: bh1745: fix information leak in triggered buffer
      iio: adc: ti-ads8688: fix information leak in triggered buffer
      iio: dummy: iio_simply_dummy_buffer: fix information leak in triggered buffer
      iio: light: as73211: fix information leak in triggered buffer
      iio: core: fix doc reference to iio_push_to_buffers_with_ts_unaligned

 drivers/iio/adc/rockchip_saradc.c           | 2 ++
 drivers/iio/adc/ti-ads1119.c                | 2 ++
 drivers/iio/adc/ti-ads8688.c                | 2 +-
 drivers/iio/dummy/iio_simple_dummy_buffer.c | 2 +-
 drivers/iio/imu/kmx61.c                     | 2 +-
 drivers/iio/light/as73211.c                 | 3 +++
 drivers/iio/light/bh1745.c                  | 2 ++
 drivers/iio/light/vcnl4035.c                | 2 +-
 drivers/iio/pressure/zpa2326.c              | 2 ++
 drivers/iio/temperature/tmp006.c            | 2 ++
 include/linux/iio/iio-opaque.h              | 2 +-
 11 files changed, 18 insertions(+), 5 deletions(-)
---
base-commit: ab376e4d674037f45d5758c1dc391bd4e11c5dc4
change-id: 20241123-iio_memset_scan_holes-a673833ef932

Best regards,