lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Thu, 5 Aug 2021 09:58:31 +0200
From:   Greg Kroah-Hartman <gregkh@...uxfoundation.org>
To:     Andi Kleen <ak@...ux.intel.com>
Cc:     Kuppuswamy Sathyanarayanan 
        <sathyanarayanan.kuppuswamy@...ux.intel.com>,
        "Rafael J . Wysocki" <rafael@...nel.org>,
        Jonathan Corbet <corbet@....net>,
        Dan Williams <dan.j.williams@...el.com>,
        Kuppuswamy Sathyanarayanan <knsathya@...nel.org>,
        linux-kernel@...r.kernel.org, linux-doc@...r.kernel.org
Subject: Re: [PATCH v1] driver: base: Add driver filter support

On Thu, Aug 05, 2021 at 09:55:33AM +0200, Greg Kroah-Hartman wrote:
> On Thu, Aug 05, 2021 at 09:49:29AM +0200, Greg Kroah-Hartman wrote:
> > On Wed, Aug 04, 2021 at 12:50:24PM -0700, Andi Kleen wrote:
> > > > And what's wrong with the current method of removing drivers from
> > > > devices that you do not want them to be bound to?  We offer that support
> > > > for all busses now that want to do it, what driver types are you needing
> > > > to "control" here that does not take advantage of the existing
> > > > infrastructure that we currently have for this type of thing?
> > > 
> > > I'm not sure what mechanism you're referring to here, but in general don't
> > > want the drivers to initialize at all because they might get exploited in
> > > any code that they execute.
> > 
> > That is exactly the mechanism we have today in the kernel for all busses
> > if they wish to take advantage of it.  We have had this for all USB
> > drivers for well over a decade now, this is not a new feature.  Please
> > use that instead.
> 
> Hm, wait, maybe that didn't get merged yet, let me dig...
> 

Ok, my fault, I was thinking of the generic "removable" support that
recently got added.

Both thunderbolt and USB have the idea of "authorized" devices, that is
the logic that should be made generic and available for all busses to
use, by moving it to the driver core, just like the "removable" logic
got moved to the driver core recently (see 70f400d4d957 ("driver core:
Move the "removable" attribute from USB to core")

Please use that type of interface, as we already have userspace tools
using it, and expand it for all busses in the system to use if they
want.  Otherwise with this proposal you will end up with multiple ways
to control the same bus type with different types of "filtering",
ensuring a mess.

thanks,

greg k-h

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ