lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Mon, 4 Apr 2022 08:32:16 -0700
From:   Linus Torvalds <torvalds@...ux-foundation.org>
To:     Guenter Roeck <linux@...ck-us.net>
Cc:     Larry Finger <Larry.Finger@...inger.net>,
        Oded Gabbay <ogabbay@...nel.org>, Jiri Slaby <jslaby@...e.cz>,
        Linux Kernel Mailing List <linux-kernel@...r.kernel.org>,
        Greg Kroah-Hartman <gregkh@...uxfoundation.org>
Subject: Re: Linux 5.18-rc1

On Sun, Apr 3, 2022 at 9:23 PM Guenter Roeck <linux@...ck-us.net> wrote:
>
> Oops. Sorry, I thought it was big endian. No idea why. I'll update
> subject and description and resend.

I see your updated patch, but for some reason 'b4' is unhappy about it, with

  $ b4 am 20220404134338.3276991-1-linux@...ck-us.net

causing

  ✗ [PATCH v3] staging: r8188eu: Fix PPPoE tag insertion on little
endian systems
  ---
  ✗ BADSIG: DKIM/roeck-us.net

your DKIM looks fine on the messages I see, but now that I look at it
on the mailing list, I notice that your DKIM really is very wrong, and
has a lot of headers that a DKIM signature should *not* have.

Your DKIM signature includes header names that are very much for list
management, so by definition DKIM will fail for any email you send
through a mailing list. Headers like
"Resent-From:Resent-Sender:Resent-To:Resent-Cc
:Resent-Message-ID:List-Id:List-Help:List-Unsubscribe" etc.

The DKIM setup should protect the meaningful headers that matter to
the sender, not things that the mail system will validly add when it
passes through.

So the DKIM header list should be things like
":To:From:Cc:Message-Id:Date:Subject:"

Not things like "Sender" or mailing list things.

Anyway, I was going to just commit it directly, but with the DKIM
verification failing, I was a bit less eager to. And then I noticed
that you used "be16_to_cpu()" - which is technically correct - which
doesn't match the other code in that file.

That driver uses the traditional "htons()" to convert to network byte
order. And yes, our naming with "be16_to_cpu()" etc is much more
legible and does do the reverse, but it looks very odd to mix the two
naming conventions. Either use one or the other, but not a mix.

             Linus

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ