Message-Id: <1173144447.15891.93.camel@johannes.berg>
Date:	Tue, 06 Mar 2007 02:27:26 +0100
From:	Johannes Berg <johannes@...solutions.net>
To:	linux-wireless@...r.kernel.org
Cc:	netdev <netdev@...r.kernel.org>, Jeff Garzik <jgarzik@...ox.com>,
	Jean Tourrilhes <jt@....hp.com>,
	Dan Williams <dcbw@...hat.com>,
	Jouni Malinen <jkm@...icescape.com>
Subject: wireless extensions vs. 64-bit architectures

Hi,

Wtf! After struggling with some strange problems with zd1211rw (see some
other mail) I decided to think again about what could possibly cause all
the other problems I'm having with it. The kernel seems fine, but iw*
userspace continually segfaults! And it also seems to be not
reproducible for most other people, I'd asked on IRC once in a while.

Well. Some thinking and stracing and thinking later it occurred to me...
Hell! wext is ioctls and includes this gem:

struct  iw_point
{
  void __user   *pointer;       /* Pointer to the data  (in user space) */
  __u16         length;         /* number of fields or size in bytes */
  __u16         flags;          /* Optional params */
};

Of course nobody ever tells you this, but it's used in a shitload of
places.

Btw, did I mention that I'm running a stock Debian powerpc 32-bit
userspace on my 64-bit machine? Oh and of course wext doesn't have any
32-in-64 compat code.

/me laughs maniacally about wext.

And don't tell me the fix is to use the netlink interface to wext.
Actually, I think it may have the same bug, it seems to be operating
with iw_point (or at least its size) too but I can't really tell, the
code's just too clear, I always just see right through it... Oh and I
still insist on removing the whole pile of junk, netlink interface
first.

Isn't there any possibility that we can kill userspace interfaces that
are terminally broken without keeping them for years to come?

Sorry. This is just too frustrating.

johannes
-- 
Now playing: Nightwish (Century Child) - End Of All Hope
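
The layout mismatch described in the message above, as an added example that is not part of the original post or of the kernel's code: it reads one 32-bit iw_point first with the 64-bit layout and then through a field-by-field translation. The names iw_point32 and iw_point64, the helper functions, the 16-byte request area and the sample values are constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* iw_point as a 32-bit process lays it out: 4-byte pointer (assumed name). */
struct iw_point32 { uint32_t pointer; uint16_t length; uint16_t flags; };

/* iw_point as a 64-bit kernel lays it out: 8-byte pointer (assumed name). */
struct iw_point64 { uint64_t pointer; uint16_t length; uint16_t flags; };

/* Constructed sample: a 32-bit caller describing a 64-byte buffer at
 * 0x10008000, placed at the start of a zeroed 16-byte request area. */
void make_sample(unsigned char raw[16])
{
    struct iw_point32 u = { 0x10008000u, 64, 1 };
    memset(raw, 0, 16);
    memcpy(raw, &u, sizeof u);
}

/* No compat code: the 32-bit bytes are interpreted with the 64-bit layout,
 * so length and flags are swallowed into the pointer field. */
struct iw_point64 read_without_compat(const unsigned char raw[16])
{
    struct iw_point64 k;
    memcpy(&k, raw, sizeof k);
    return k;
}

/* Hypothetical 32-in-64 translation: decode the 32-bit layout field by
 * field and zero-extend the user-space address. */
struct iw_point64 read_with_compat(const unsigned char raw[16])
{
    struct iw_point32 u;
    struct iw_point64 k;
    memcpy(&u, raw, sizeof u);
    k.pointer = u.pointer;
    k.length = u.length;
    k.flags = u.flags;
    return k;
}

int main(void)
{
    unsigned char raw[16];
    make_sample(raw);
    struct iw_point64 bad = read_without_compat(raw), ok = read_with_compat(raw);
    printf("no compat: ptr=%#llx len=%u\n", (unsigned long long)bad.pointer, (unsigned)bad.length);
    printf("compat:    ptr=%#llx len=%u\n", (unsigned long long)ok.pointer, (unsigned)ok.length);
    return 0;
}
```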

