lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <YNTrxT9gRrfMlN+2@lunn.ch>
Date:   Thu, 24 Jun 2021 22:32:05 +0200
From:   Andrew Lunn <andrew@...n.ch>
To:     Wolfram Sang <wsa@...nel.org>, Johan Hovold <johan@...nel.org>,
        linux-i2c@...r.kernel.org, linux-usb@...r.kernel.org,
        linux-kernel@...r.kernel.org,
        syzbot+9d7dadd15b8819d73f41@...kaller.appspotmail.com,
        stable@...r.kernel.org
Subject: Re: [PATCH] i2c: robotfuzz-osif: fix control-request directions

On Thu, Jun 24, 2021 at 10:10:17PM +0200, Wolfram Sang wrote:
> On Wed, Jun 23, 2021 at 10:52:04AM +0200, Johan Hovold wrote:
> > On Mon, May 24, 2021 at 11:09:12AM +0200, Johan Hovold wrote:
> > > The direction of the pipe argument must match the request-type direction
> > > bit or control requests may fail depending on the host-controller-driver
> > > implementation.
> > > 
> > > Control transfers without a data stage are treated as OUT requests by
> > > the USB stack and should be using usb_sndctrlpipe(). Failing to do so
> > > will now trigger a warning.
> > > 
> > > Fix the OSIFI2C_SET_BIT_RATE and OSIFI2C_STOP requests which erroneously
> > > used the osif_usb_read() helper and set the IN direction bit.
> > > 
> > > Reported-by: syzbot+9d7dadd15b8819d73f41@...kaller.appspotmail.com
> > > Fixes: 83e53a8f120f ("i2c: Add bus driver for for OSIF USB i2c device.")
> > > Cc: stable@...r.kernel.org      # 3.14
> > > Cc: Andrew Lunn <andrew@...n.ch>
> > > Signed-off-by: Johan Hovold <johan@...nel.org>
> > > ---
> > 
> > Wolfram, can you pick this one up for 5.14?
> 
> Sorry, I thought Andrew was the maintainer of this driver and was
> waiting for his ack.

Ah, sorry. I did take a quick look at the change, it seemed
sensible. But i've not used this hardware in years, i have no way to
test it, etc.

     Andrew

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ