| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <19aaf781-851b-fc26-239a-a6fc8494fd5c@elektron.elka.pw.edu.pl>
Date: Fri, 23 Feb 2018 01:56:55 +0100
From: "wzabolot@...ktron.elka.pw.edu.pl" <wzabolot@...ktron.elka.pw.edu.pl>
To: 891036@...s.debian.org
Cc: LKML <linux-kernel@...r.kernel.org>, Shuah Khan <shuah@...nel.org>,
"linux-usb@...r.kernel.org >> linux-usb"@vger.kernel.org
Subject: Proposal - how to make usbip more resistant to misconfiguration
Hi,
I have found that the
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=891036 is not the only
one related to misconfiguration of the usbip driver and tools.
A few weeks ago the similar bug
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=878866 was discovered.
It seems that the configuration of usbip is fragile, and it is easy to
make a mistake leading to the setup that doesn't work correctly.
I suppose, that additional mechanisms should be added to prevent such
problems:
1. It should be checked DURING THE COMPILATION, that the number of
ports in a single virtual hub does not exceed 128.
2. The MAXNPORT constant in tools/usb/usbip/libsrc/vhci_driver.h should
be defined as:
#define MAXNPORT ( VHCI_PORTS * VHCI_NR_HCS )
I have not tested the above modifications. If I find some time to verify
them, and if they are correct, I'll submit the official patches.
With best regards,
Wojtek
--
Wojciech M Zabolotny, PhD
Institute of Electronic Systems
Faculty of Electronics and Information Technology
Warsaw University of Technology
Powered by blists - more mailing lists