lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Thu, 7 Jun 2018 12:34:54 -0500
From:   Brandon Maier <brandon.maier@...kwellcollins.com>
To:     Andrew Lunn <andrew@...n.ch>
Cc:     netdev@...r.kernel.org, f.fainelli@...il.com, davem@...emloft.net,
        michal.simek@...inx.com,
        Clayton Shotwell <clayton.shotwell@...kwellcollins.com>,
        Kristopher Cory <kristopher.cory@...kwellcollins.com>,
        linux-kernel@...r.kernel.org
Subject: Re: [PATCH 1/3] net: phy: Check phy_driver ready before accessing

On Thu, Jun 7, 2018 at 11:52 AM, Andrew Lunn <andrew@...n.ch> wrote:
> FYI: net-next is closed at the moment. Please resubmit these in two
> weeks time.

Ah, I didn't see networking/netdev-FAQ.txt. I'll resubmit these then.

> I'm sure there are more issues like this in the code.  e.g. there is
> no attempt made to hold a reference to the child phy. So it could be
> unbound. priv->phy_drv->read_status(phydev) is then going to do bad
> things.
>

Agreed. Another thing that looks suspicious to me is the driver
overrides the private data of the device it's attaching too, in the
`priv->phy_dev->priv = priv` bit. Seems like that could cause all
sorts of driver corruption problems.

But fixing that is going to require more drastic changes to how this
driver works. So it'd be worth applying this patch in the mean time.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ