lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <20080425011540.GA30152@google.com>
Date:	Thu, 24 Apr 2008 18:15:40 -0700
From:	Mandeep Singh Baines <msb@...gle.com>
To:	Breno Leitao <leitao@...ux.vnet.ibm.com>
Cc:	David Miller <davem@...emloft.net>, thockin@...gle.com,
	netdev@...r.kernel.org, jeff@...zik.org, joe@...ches.com,
	nil@...gle.com, matthew@....cx
Subject: Re: [PATCH] [ETHTOOL]: Add support for large eeproms

Hi Breno,

My bad. You are correct. There is a bug. In the ethtool user-space app, tg3
and natsemi over-ride the default implementation of dump_eeprom(). In both
tg3_dump_eeprom() and natsemi_dump_eeprom(), there is a magic number check
which is not present in the default implementation.

When fixing the ethtool interface to read large EEPROMs, I snipped the code
which copied the ethtool_eeprom structure back to user-space. I thought it
was read-only. Oops. Looks like tg3 and natsemi are over-writing the magic
number field and then checking it in user-space.

The fix is simple. Add the ethtool_eeprom copy back. I will test and send out
a patch shortly.

Thanks much for finding this:)

Regards,
Mandeep

Breno Leitao (leitao@...ux.vnet.ibm.com) wrote:
> Mandeep,
> 
> Mandeep Singh Baines wrote:
> >I suspect you may have mis-applied the patch. The patch changes both
> >set_eeprom and get_eeprom. I think you may have modified get_eeprom to call
> >ops->set_eeprom instead of ops->get_eeprom. If not, please send me 
> >ethtool.c
> >and tg3.c and I can take a look.
> 
> Well, IMHO the patch is correctly applied as I could see. I just got the 
> David's tree and run a diff between the ethtool.c files (from David's 
> tree and mine), and I get the following differences. Note that I just 
> add a printk() there to "debug" what was going on.
> 
> static int ethtool_get_eeprom(struct net_device *dev, void __user *useraddr)
> {
>        struct ethtool_eeprom eeprom;
> -       const struct ethtool_ops *ops = dev->ethtool_ops;
> +       struct ethtool_ops *ops = dev->ethtool_ops;
>        void __user *userbuf = useraddr + sizeof(eeprom);
>        u32 bytes_remaining;
>        u8 *data;
>        int ret = 0;
> 
> +       printk("<1> ethtool_get_eeprom()\n");
>        if (!ops->get_eeprom || !ops->get_eeprom_len)
>                return -EOPNOTSUPP;
> 
> @@ -330,12 +330,13 @@ static int ethtool_get_eeprom(struct net
> static int ethtool_set_eeprom(struct net_device *dev, void __user 
> *useraddr)
> {
>        struct ethtool_eeprom eeprom;
> -       const struct ethtool_ops *ops = dev->ethtool_ops;
> +       struct ethtool_ops *ops = dev->ethtool_ops;
>        void __user *userbuf = useraddr + sizeof(eeprom);
>        u32 bytes_remaining;
>        u8 *data;
>        int ret = 0;
> 
> +       printk("<1> ethtool_set_eeprom()\n");
>        if (!ops->set_eeprom || !ops->get_eeprom_len)
>                return -EOPNOTSUPP;
> 
> 
> The patched ethtool.c is at  http://rafb.net/p/fWXNwk28.html and tg3.c 
> is at http://rapidshare.com/files/110139941/tg3.c.html
> 
> --
> Breno Leitão
> leitao@...ux.vnet.ibm.com
--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ