Message-ID: <2c807a7e-d55d-4670-9a86-e3fcaa3e52ba@suse.com>
Date: Wed, 16 Jul 2025 18:17:19 +0200
From: Oliver Neukum <oneukum@...e.com>
To: "H. Peter Anvin" <hpa@...or.com>, Oliver Neukum <oneukum@...e.com>
Cc: linux-usb@...r.kernel.org, linux-kernel@...r.kernel.org,
 gregkh@...uxfoundation.org, Jiri Slaby <jirislaby@...nel.org>,
 linux-serial@...r.kernel.org
Subject: Re: USB cdc-acm driver: break and command

On 16.07.25 17:06, H. Peter Anvin wrote:

> SEND_ENCAPSULATED_COMMAND at least takes a command string – it was intended, I believe, to be able to send AT commands to a modem while online without using the +++ escape code and all the potential race conditions (and security issues, since it is trivial for a user to generate) associated with that.

Understood. It still seems dirty to me. If you want to send strings to a device
the proper way is to use a device node and write().
  
> As far as BREAK is concerned, there is also the option of locking out a second BREAK for the delay time; however, this probably should belong in the tty core.  What do other drivers supporting TTY_DRIVER_HARDWARE_BREAK do?

I know of no driver but n_gsm which uses it. That driver needs to use it,
because it cannot switch off a break.

If you really wanted to use that API as it is right now, you'd
have breaks racing with each other and, worse, with open()
and close().
Are you sure POSIX says nothing about how to handle such cases?

You'd probably have to start a timer in the driver in send_break().
That timer would need to be properly handled in disconnect(),
pre/post_reset() and suspend().
That API is really not nice to use.

	Regards
		Oliver


