lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <aW48bAZWZr8Bit8x@horms.kernel.org>
Date: Mon, 19 Jan 2026 14:15:08 +0000
From: Simon Horman <horms@...nel.org>
To: "wanquan.zhong" <zwq2226404116@....com>
Cc: chandrashekar.devegowda@...el.com, chiranjeevi.rapolu@...ux.intel.com,
	haijun.liu@...iatek.com, ricardo.martinez@...ux.intel.com,
	netdev@...r.kernel.org, loic.poulain@....qualcomm.com,
	ryazanov.s.a@...il.com, johannes@...solutions.net,
	davem@...emloft.net, andrew+netdev@...n.ch, kuba@...nel.org,
	pabeni@...hat.com, linux-kernel@...r.kernel.org,
	"wanquan.zhong" <wanquan.zhong@...ocom.com>
Subject: Re: [PATCH] [PATCH v2] wwan: t7xx: Add CONFIG_WWAN_ADB_PORT to
 control ADB debug port

On Wed, Jan 14, 2026 at 05:54:34PM +0800, wanquan.zhong wrote:
> From: "wanquan.zhong" <wanquan.zhong@...ocom.com>
> 
> Add a new Kconfig option for MediaTek T7xx WWAN devices, to
> conditionally enable the ADB debug port functionality. This option:
> - Depends on MTK_T7XX (specific to MediaTek T7xx devices)
> - Defaults to 'y', as disabling it may cause difficulties for T7xx
> debugging
> - Requires EXPERT to be visible (to avoid accidental enablement)
> 
> In t7xx_port_proxy.c, wrap the ADB port configuration struct with
> CONFIG_WWAN_ADB_PORT, so the port is only exposed when
> the config is explicitly enabled.
> 
> This addresses security concerns in certain systems (e.g., Google
> Chrome OS)where root privileges could potentially trigger ADB
> configuration of WWAN devices.Note that only ADB port is restricted
> while MIPC port remains unrestricted,as MIPC is MTK's internal
> protocol port with no security risks.

Hi,

I'm entirely unfamiliar with the security model here.

But is it possible for someone with root privileges to replace
the driver, e.g. to one with ADB enabled?

> 
> While using a kernel config option for a single array element in t7xx may
> seem like resource overhead, this is the most straightforward
> implementation approach. Alternative implementation suggestions are
> welcome.
> 
> Signed-off-by: wanquan.zhong <wanquan.zhong@...ocom.com>

...

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ