lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <1cbc87c6-7920-1f53-879b-79de87d685fc@gmail.com>
Date:   Wed, 10 Oct 2018 11:05:56 +1300
From:   Michael Schmitz <schmitzmic@...il.com>
To:     Dmitry Torokhov <dmitry.torokhov@...il.com>
Cc:     sashal@...nel.org, "3.8+" <stable@...r.kernel.org>,
        lkml <linux-kernel@...r.kernel.org>,
        Andreas Schwab <schwab@...ux-m68k.org>,
        alexander.levin@...rosoft.com
Subject: Re: [PATCH AUTOSEL 4.18 24/58] Input: atakbd - fix Atari CapsLock
 behaviour

Hi Dmitry,

I agree the bug is neither subtle nor recent, not security relevant and 
will affect only a handful of users at best.

If you're worried about weakening the rules around stable releases, by 
all means go ahead and veto the inclusion of these patches in the next 
stable release.

Cheers,

     Michael


On 09/10/18 08:20, Dmitry Torokhov wrote:
> Hi Michael,
>
> On Mon, Oct 8, 2018 at 12:09 PM Michael Schmitz <schmitzmic@...il.com> wrote:
>> Dmitry,
>>
>> someone on debian-68k reported the bug, which (to me) indicates that the
>> code is not just used by me.
>>
>> Whether or not a functioning Capslock is essential to have? You be the
>> judge of that. If you are OK with applying the keymap patch, why not
>> this one?
> I have exactly the same concerns about the keymap patch. This all has
> not been working correctly for many many years (and it was not broken
> in a subtly way as far as I understand, but rather quite obvious).
> Thus I do not understand why this belongs to stable release. It is not
> a [recent] regression, nor secutiry bug, nor even enabling of new
> hardware, that is why I myself did not mark it as stable.
>
> I still maintain that we pick up for stable too many patches for no
> clear benefit. This is similar to the patch for Atmel controllers that
> was picked to stable and I asked why, as it is not clear how many
> users might be affected (or if the problem the patch was solving was
> purely theoretical, or only affecting hardware that is not in
> circulation yet).
>
>> Debian will carry stable patches without explicit action on behalf of
>> the maintainer. Unstable patches are a little harder to get accepted.
>>
>> Cheers,
>>
>>       Michael
>>
>>
>>
>> On 09/10/18 06:11, Dmitry Torokhov wrote:
>>> On Mon, Oct 8, 2018 at 8:25 AM Sasha Levin <sashal@...nel.org> wrote:
>>>> From: Michael Schmitz <schmitzmic@...il.com>
>>>>
>>>> [ Upstream commit 52d2c7bf7c90217fbe875d2d76f310979c48eb83 ]
>>>>
>>>> The CapsLock key on Atari keyboards is not a toggle, it does send the
>>>> normal make and break scancodes.
>>>>
>>>> Drop the CapsLock toggle handling code, which did cause the CapsLock
>>>> key to merely act as a Shift key.
>>> This has been broken for 10+ years. Does it really make sense to
>>> promote it to stable?
>>>
>>>> Tested-by: Michael Schmitz <schmitzmic@...il.com>
>>>> Signed-off-by: Michael Schmitz <schmitzmic@...il.com>
>>>> Signed-off-by: Andreas Schwab <schwab@...ux-m68k.org>
>>>> Signed-off-by: Dmitry Torokhov <dmitry.torokhov@...il.com>
>>>> Signed-off-by: Sasha Levin <alexander.levin@...rosoft.com>
>>>> ---
>>>>    drivers/input/keyboard/atakbd.c | 10 ++--------
>>>>    1 file changed, 2 insertions(+), 8 deletions(-)
>>>>
>>>> diff --git a/drivers/input/keyboard/atakbd.c b/drivers/input/keyboard/atakbd.c
>>>> index 524a72bee55a..fdeda0b0fbd6 100644
>>>> --- a/drivers/input/keyboard/atakbd.c
>>>> +++ b/drivers/input/keyboard/atakbd.c
>>>> @@ -189,14 +189,8 @@ static void atakbd_interrupt(unsigned char scancode, char down)
>>>>
>>>>                   scancode = atakbd_keycode[scancode];
>>>>
>>>> -               if (scancode == KEY_CAPSLOCK) { /* CapsLock is a toggle switch key on Amiga */
>>>> -                       input_report_key(atakbd_dev, scancode, 1);
>>>> -                       input_report_key(atakbd_dev, scancode, 0);
>>>> -                       input_sync(atakbd_dev);
>>>> -               } else {
>>>> -                       input_report_key(atakbd_dev, scancode, down);
>>>> -                       input_sync(atakbd_dev);
>>>> -               }
>>>> +               input_report_key(atakbd_dev, scancode, down);
>>>> +               input_sync(atakbd_dev);
>>>>           } else                          /* scancodes >= 0xf3 are mouse data, most likely */
>>>>                   printk(KERN_INFO "atakbd: unhandled scancode %x\n", scancode);
>>>>
>>>> --
>>>> 2.17.1
>>>>
> Thanks.
>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ