| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 23 May 2018 11:56:36 -0400 (EDT)
From: David Miller <davem@...emloft.net>
To: g.nault@...halink.fr
Cc: ebiggers3@...il.com, linux-ppp@...r.kernel.org, paulus@...ba.org,
netdev@...r.kernel.org, linux-fsdevel@...r.kernel.org,
linux-kernel@...r.kernel.org, syzkaller-bugs@...glegroups.com,
ebiggers@...gle.com
Subject: Re: [PATCH] ppp: remove the PPPIOCDETACH ioctl
From: Guillaume Nault <g.nault@...halink.fr>
Date: Wed, 23 May 2018 15:57:08 +0200
> I'd rather add
> + if (cmd == PPPIOCDETACH) {
> + err = -EINVAL;
> + goto out;
> + }
>
> Making PPPIOCDETACH unknown to ppp_generic means that the ioctl would
> be handled by the underlying channel when pf->kind == CHANNEL (see the
> chan->ops->ioctl() call further down). That shouldn't be a problem per
> se, but even though PPPIOCDETACH is unsupported, I feel that it should
> remain a ppp_generic thing. I don't really want its value to be reused
> for other purposes in the future or have different behaviour depending
> on the underlying channel.
>
> Also PPPIOCDETACH can already fail with -EINVAL. Therefore, if ever
> there really were programs out there using this call, they'd already
> have to handle this case. Unconditionally returning -EINVAL would
> further minimise possibilities for breakage.
I agree.
Powered by blists - more mailing lists