lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <nycvar.YFH.7.76.1806200913420.6203@cbobk.fhfr.pm>
Date:   Wed, 20 Jun 2018 09:15:51 +0200 (CEST)
From:   Jiri Kosina <jikos@...nel.org>
To:     Linus Torvalds <torvalds@...ux-foundation.org>
cc:     Hans de Goede <hdegoede@...hat.com>, Julian Sax <jsbc@....de>,
        Benjamin Tissoires <benjamin.tissoires@...hat.com>,
        Linux Kernel Mailing List <linux-kernel@...r.kernel.org>
Subject: Re: [GIT PULL] HID fixes

On Wed, 20 Jun 2018, Linus Torvalds wrote:

> But what is the *source* of this binary crud?
> 
> Because no way in hell do we take binary crud from random places, and
> then add it to the kernel.
> 
> NOT EVEN IF IT WENT THROUGH SOME "hidrd-convert" PHASE!
> 
> And yes, now that I google for that hidrd-convert pattern, I see that
> we already have other broken chunks like this.
> 
> Not ok. At least some of them seem to mention where the data comes from, 
> eg
> 
>    "This is the original report descriptor as reported by lsusb -vd 046d:c294"
> 
> but this one has no such information.
> 
> So guys, you need to think about where things come from, and document
> how some random garbage came to be. Not just add it to the kernel.

Well, at least for the ones I've done myself in the past, those are 
hand-written from scratch.

It's not really a firmware / code, it's just a description of the data in 
the reports, so that HID parser can interpret it properly.

-- 
Jiri Kosina
SUSE Labs

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ