Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

pinmux subsystem API is undocumented and does not enforce validation #7390

Closed
andrewboie opened this issue May 7, 2018 · 2 comments
Closed

pinmux subsystem API is undocumented and does not enforce validation #7390

andrewboie opened this issue May 7, 2018 · 2 comments
Labels
area: Pinmux bug The issue is a bug, or the PR is fixing a bug priority: low Low impact/importance bug

Comments

@andrewboie
Copy link
Contributor

None of the pinmux APIs in include/pinmux.h have any documentation.
In addition, if we are to expose pinmux APIs to user mode, we are going to need the specification to enforce that drivers validate the parameters passed in. Currently the pinmux drivers don't validate any inputs, and a user thread using these APIs have been demonstrated writing to memory that it should not have access to or even disable the MPU.

Until this is done, the pinmux subsystem APIs are being removed from user mode access.
@andrewboie andrewboie mentioned this issue May 7, 2018
Merged
andrewboie pushed a commit to andrewboie/zephyr that referenced this issue May 7, 2018
pinmux: remove user mode access
901ed89 
The pinmux subsystem does not have any API documenation. Currently
none of the existing pinmux drivers do any kind of input validation
for the pin/op parameters, which has been shown to allow the caller
to access unauthorized memory, up to and including disabling the
MPU.

This requires a proper specification for the pinmux subsystem and
also modification of existingd drivers to validate arguments on a per
driver basis. Remove user mode access until zephyrproject-rtos#7390 is resolved.

Signed-off-by: Andrew Boie <andrew.p.boie@intel.com>
nashif pushed a commit that referenced this issue May 8, 2018
pinmux: remove user mode access
a420836 
The pinmux subsystem does not have any API documenation. Currently
none of the existing pinmux drivers do any kind of input validation
for the pin/op parameters, which has been shown to allow the caller
to access unauthorized memory, up to and including disabling the
MPU.

This requires a proper specification for the pinmux subsystem and
also modification of existingd drivers to validate arguments on a per
driver basis. Remove user mode access until #7390 is resolved.

Signed-off-by: Andrew Boie <andrew.p.boie@intel.com>
@MaureenHelm
Copy link
Member

@andrewboie Will you please rewrite this such that it describes what needs to be done, rather than just describing the current state of affairs? Something like "Add documentation to the pinmux APIs" and "Validate pinmux API inputs". I'd like to tag this issue as an enhancement, but that doesn't make sense with the current description.

@nashif nashif added bug The issue is a bug, or the PR is fixing a bug priority: low Low impact/importance bug labels May 17, 2018
@nashif
Copy link
Member

nashif commented Feb 19, 2019

pinmux system will be completely overhauled and replaced, so closing this old issue.

@nashif nashif closed this as completed Feb 19, 2019
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
area: Pinmux bug The issue is a bug, or the PR is fixing a bug priority: low Low impact/importance bug
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@nashif @andrewboie @MaureenHelm