lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <20161123163917.GC10750@kroah.com>
Date:   Wed, 23 Nov 2016 17:39:17 +0100
From:   Greg KH <greg@...ah.com>
To:     Wolfgang Wilhelm <wilhelm@...tcomtec.com>
Cc:     linux-usb@...r.kernel.org,
        Austin S Hemmelgarn <ahferroin7@...il.com>,
        linux-kernel@...r.kernel.org
Subject: Re: Problem with USB driver using two devices

On Wed, Nov 23, 2016 at 05:35:45PM +0100, Greg KH wrote:
> On Wed, Nov 23, 2016 at 05:17:35PM +0100, Wolfgang Wilhelm wrote:
> > Thankyou very much for the really fast answer.
> > 
> > I don't get any error messages and I can communicate with
> > the driver for the second device via ioctrl and write functions,
> > i.e. write registers and read registers via the RBUF ioctrl function,
> > only the read function for the second device does not work,
> > i.e. no data is obtained from the mcs6_read function for the
> > second device.
> 
> Hm, let me go look at the driver again, maybe something's odd with it.

I don't see anything odd with your read function, is it just timing out?

Have you tried doing read/writes from userspace with libusb and that
works correctly?

> > Which security problems do you see in the code?
> 
> No checking that the values given to you by userspace are actually valid
> and within "sane" ranges :)

Oh, also your ioctl types need to be better specified than "int" as that
doesn't make much sense with 64bit kernels and a 32bit userspace.  You
need to use types like __u32 in order to make sure that works correctly
in all situations.

thanks,

greg k-h

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ