| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 30 Apr 2021 10:06:49 +0200
From: Greg Kroah-Hartman <gregkh@...uxfoundation.org>
To: linux-kernel@...r.kernel.org, Du Cheng <ducheng2@...il.com>
Cc: Kangjie Lu <kjlu@....edu>, "David S . Miller" <davem@...emloft.net>
Subject: Re: [PATCH 169/190] Revert "atl1e: checking the status of
atl1e_write_phy_reg"
On Tue, Apr 27, 2021 at 08:13:25PM +0200, Greg Kroah-Hartman wrote:
> On Wed, Apr 21, 2021 at 03:00:44PM +0200, Greg Kroah-Hartman wrote:
> > This reverts commit ff07d48d7bc0974d4f96a85a4df14564fb09f1ef.
> >
> > Commits from @umn.edu addresses have been found to be submitted in "bad
> > faith" to try to test the kernel community's ability to review "known
> > malicious" changes. The result of these submissions can be found in a
> > paper published at the 42nd IEEE Symposium on Security and Privacy
> > entitled, "Open Source Insecurity: Stealthily Introducing
> > Vulnerabilities via Hypocrite Commits" written by Qiushi Wu (University
> > of Minnesota) and Kangjie Lu (University of Minnesota).
> >
> > Because of this, all submissions from this group must be reverted from
> > the kernel tree and will need to be re-reviewed again to determine if
> > they actually are a valid fix. Until that work is complete, remove this
> > change to ensure that no problems are being introduced into the
> > codebase.
> >
> > Cc: Kangjie Lu <kjlu@....edu>
> > Cc: David S. Miller <davem@...emloft.net>
> > Signed-off-by: Greg Kroah-Hartman <gregkh@...uxfoundation.org>
> > ---
> > drivers/net/ethernet/atheros/atl1e/atl1e_main.c | 4 +---
> > 1 file changed, 1 insertion(+), 3 deletions(-)
> >
> > diff --git a/drivers/net/ethernet/atheros/atl1e/atl1e_main.c b/drivers/net/ethernet/atheros/atl1e/atl1e_main.c
> > index ff9f96de74b8..85f9cb769e30 100644
> > --- a/drivers/net/ethernet/atheros/atl1e/atl1e_main.c
> > +++ b/drivers/net/ethernet/atheros/atl1e/atl1e_main.c
> > @@ -455,9 +455,7 @@ static void atl1e_mdio_write(struct net_device *netdev, int phy_id,
> > {
> > struct atl1e_adapter *adapter = netdev_priv(netdev);
> >
> > - if (atl1e_write_phy_reg(&adapter->hw,
> > - reg_num & MDIO_REG_ADDR_MASK, val))
> > - netdev_err(netdev, "write phy register failed\n");
> > + atl1e_write_phy_reg(&adapter->hw, reg_num & MDIO_REG_ADDR_MASK, val);
> > }
> >
> > static int atl1e_mii_ioctl(struct net_device *netdev,
> > --
> > 2.31.1
> >
>
> The original change here is a mess, what is a user supposed to do if
> this call fails? I will revert it and properly pass the error value up
> to the callers, as that is the correct thing to do here, not paper over
> the issue with a commit message that claims this change "fixes"
> anything.
In looking at this further, Du has pointed out to me that the
atl1e_mdio_write function can not easily be changed to return an error
value, because that would require all callbacks for mdio_write in struct
mii_if_info would need to be changed and handled properly.
So the original commit was as correct as is possible at the moment,
making a much larger change like this really isn't needed, so I'll drop
the revert.
thanks to Du Cheng for the additional review, it is much appreciated.
greg k-h
Powered by blists - more mailing lists