| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 4 Apr 2018 09:14:06 -0600
From: Shuah Khan <shuah@...nel.org>
To: Oliver Neukum <oneukum@...e.com>,
Shuah Khan <shuahkh@....samsung.com>,
Greg KH <gregkh@...uxfoundation.org>
Cc: valentina.manea.m@...il.com, linux-kernel@...r.kernel.org,
linux-usb@...r.kernel.org, Shuah Khan <shuah@...nel.org>
Subject: Re: [PATCH] usbip: vhc_hcd: prevent module being removed while device
are attached
On 04/04/2018 02:25 AM, Oliver Neukum wrote:
> Am Dienstag, den 03.04.2018, 09:56 -0600 schrieb Shuah Khan:
>> This is a virtual device associated to a real physical device on a different
>> system. My concern is that if the module gets removed accidentally then it
>> could disrupt access to the remote device. The remote nature of the device
>> with several players involved makes this scenario a bit more complex than
>
> Hi,
>
> you would doubtlessly lose connection to that device. Yet you would
> also lose connections if you down your network. You need to be root
> to unload a module. You could overwrite your root filesystems or flash
> your firmware. In general we cannot and don't try to protect root
> from such accidents.
>
Yes. There are several scenarios that could disrupt access. There are
no bad things happening other than the expected read failures when the
device is actively in use.
thanks for the review.
-- Shuah
Powered by blists - more mailing lists