lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <f6baf8dd-4652-450e-a08b-157a806d4459@enpas.org>
Date: Thu, 21 Nov 2024 00:59:28 +0900
From: Max Staudt <max@...as.org>
To: Vincent Mailhol <mailhol.vincent@...adoo.fr>,
 Dan Carpenter <dan.carpenter@...aro.org>,
 Marc Kleine-Budde <mkl@...gutronix.de>
Cc: linux-can@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH v1] can: can327: Clean up payload encoding in
 can327_handle_prompt()

On 11/20/24 02:15, Max Staudt wrote:
> A bit off-topic, but since CAN_RAW came up: Why does CAN_RAW even 
> sanitise anything at all, instead of relying on checks on later layers? 
> It seems like quite a few checks are duplicated. And all the while it's 
> possible for userspace to do weird stuff like seemingly enabling CAN FD 
> on the socket via setsockopt() CAN_RAW_FD_FRAMES, but that's only 
> flipping a bit on the CAN_RAW socket, yet changes nothing underneath. It 
> was quite confusing to read. I suppose the explanation is "legacy"?

Answering my own question here:

CAN_RAW_FD_FRAMES modifies what frames are allowed to pass through the 
CAN_RAW socket towards userspace. This way, simple software handling 
only CAN 2.0 frames may assume that reading anything other than CAN_MTU 
bytes from the socket is an error. This keeps the code simple, and old 
programs have to be written this way, because there is no way for them 
to guess what not yet implemented CAN versions will look like.

So, this option makes a lot more sense to me now, sorry for the extra 
noise :)


Max


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ