lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date:	Sat, 9 Aug 2008 10:57:56 +0200
From:	Jean Delvare <khali@...ux-fr.org>
To:	Andrew Morton <akpm@...ux-foundation.org>
Cc:	linux-fbdev-devel@...ts.sourceforge.net, adaplas@...il.com,
	vandrove@...cvut.cz, linux-kernel@...r.kernel.org
Subject: Re: [Linux-fbdev-devel] [PATCH 0/3] matroxfb fixes and improvements

Hi Andrew,

On Fri, 8 Aug 2008 14:00:19 -0700, Andrew Morton wrote:
> On Fri, 8 Aug 2008 16:49:37 +0200
> Jean Delvare <khali@...ux-fr.org> wrote:
> 
> > Not having heard of Petr in one month and a half, I am sending these 3
> > patches again. Patch 1/3 (matrox maven: Fix a broken error path) in
> > particular should be applied ASAP. Patch 2/3 (matroxfb: i2c structure
> > templates clean-up) would be good to have as well and I tested it.
> > Patch 3/3 (matrox maven: Convert to a new-style i2c driver) needs
> > testing before it can go upstream. I can't test it myself, but it has
> > been in linux-next for 6 weeks or so.
> 
> I'll put all three into 2.6.27.

Thank you.

> I suspect that #1 should be backported to 2.6.25.x and to 2.6.26.x but
> I am unsure about that due to its poor changelogging.
> 
> I _think_ that the machine will crash if the i2c_attach_client() or
> maven_init_client() calls fail.  But I don't know under what
> circumstances that can happen, nor whether the bug has been reported in
> the field, etc.

I found it while working on patch #3. I am not aware of it having been
reported in the field. The maven driver doesn't have that many users
(which is why I am struggling to get patch #3 tested.) And then the
errors in question are unlikely to happen. In fact, maven_init_client()
always returns 0, it simply cannot fail. So I'd say that the chances
that someone hits that bug are thin.

That would mean that we don't really need to backport the fix. But OTOH
it's a regression and the fix is pretty easy and not intrusive. So, I
think I would still backport it.

> And the -stable people also will be interested in such information when
> making their decisions.

I think I will let them decide.

-- 
Jean Delvare
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ