lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Sat, 8 Sep 2018 18:18:53 -0700 From: Olof Johansson <olof@...om.net> To: Jolly Shah <jolly.shah@...inx.com> Cc: "ard.biesheuvel@...aro.org" <ard.biesheuvel@...aro.org>, Ingo Molnar <mingo@...nel.org>, Greg Kroah-Hartman <gregkh@...uxfoundation.org>, matt@...eblueprint.co.uk, Sudeep Holla <sudeep.holla@....com>, hkallweit1@...il.com, Kees Cook <keescook@...omium.org>, Dmitry Torokhov <dmitry.torokhov@...il.com>, Michael Turquette <mturquette@...libre.com>, Stephen Boyd <sboyd@...eaurora.org>, Michal Simek <michal.simek@...inx.com>, Rob Herring <robh+dt@...nel.org>, Mark Rutland <mark.rutland@....com>, linux-clk <linux-clk@...r.kernel.org>, rajanv@...inx.com, Linux ARM Mailing List <linux-arm-kernel@...ts.infradead.org>, Linux Kernel Mailing List <linux-kernel@...r.kernel.org>, DTML <devicetree@...r.kernel.org>, Jolly Shah <jollys@...inx.com> Subject: Re: [PATCH v11 03/11] firmware: xilinx: Add zynqmp IOCTL API for device control Hi, On Fri, Aug 3, 2018 at 10:53 AM, Jolly Shah <jolly.shah@...inx.com> wrote: > From: Rajan Vaja <rajanv@...inx.com> > > Add ZynqMP firmware IOCTL API to control and configure > devices like PLLs, SD, Gem, etc. > > Signed-off-by: Rajan Vaja <rajanv@...inx.com> > Signed-off-by: Jolly Shah <jollys@...inx.com> This patch worries me somewhat. It's a transparent pass-through ioctl driver. Is there a spec available for what the implemented IOCTLs are? Should some of them be proper drivers instead of an opaque pass-through like this? Could some of them have stability impact on the platform such that there are security concerns and the list of arguments should somehow be sanitized? What's the intended usecase anyway? Just a debug tool during development, or something that you expect heavy use of by some userspace middleware? -Olof
Powered by blists - more mailing lists