lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <f979468c-434a-43e9-8c50-8e92188abc11@zytor.com>
Date: Wed, 16 Jul 2025 10:49:43 -0700
From: "H. Peter Anvin" <hpa@...or.com>
To: Oliver Neukum <oneukum@...e.com>
Cc: linux-usb@...r.kernel.org, linux-kernel@...r.kernel.org,
        gregkh@...uxfoundation.org, Jiri Slaby <jirislaby@...nel.org>,
        linux-serial@...r.kernel.org
Subject: Re: USB cdc-acm driver: break and command

On 2025-07-16 09:17, Oliver Neukum wrote:
> On 16.07.25 17:06, H. Peter Anvin wrote:
> 
>> SEND_ENCAPSULATED_COMMAND at least takes a command string – it was
>> intended, I believe, to be able to send AT commands to a modem while
>> online without using the +++ escape code and all the potential race
>> conditions (and security issues, since it is trivial for a user to
>> generate) associated with that.
> 
> Understood. It still seems dirty to me. If you want to send strings to a
> device
> the proper way is to use a device node and write().
>  

There is definitely something to be said for that; or at least a file
descriptor.  We do have cases in the kernel -- notably opening the pts
corresponding to a ptmx file descriptor -- that do that sort of
"auxiliary open" kind of thing.

The big question is how that interacts with the rest of the ACM driver,
as well as all the lifetime issues you mentioned elsewhere.

	-hpa

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ