| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <4835B5C0.2000701@pobox.com> Date: Thu, 22 May 2008 14:04:48 -0400 From: Jeff Garzik <jgarzik@...ox.com> To: glenn_engel@...lent.com CC: netdev@...r.kernel.org Subject: Re: natsemi.c ioctl fix or mii register access glenn_engel@...lent.com wrote: > Hi, > > I recently discovered the ioctl implementation in natsemi.c had a few bugs in dealing with the user ioctls to send and receive MII commands (SIOCGMIIPHY and SIOCSMIIPHY). > > The specific problems noted and fixed: > > 1. The if_mii macro casts it's return to be (struct mii_ioctl_data *) but in reality it returns a pointer to the user space pointer (struct mii_ioctl_data**). This looks to be a problem with the mii_macro to me. I changed this to use the ifr_data macro instead. > > 2. Since the mii_ioctl_data structure resides in user space, it must be copied into kernel space before access and copied back for read results. References to the pointer were changed to point to the local copy (data-> changed to mii_data.) This is completely incorrect. The copying is done for us inside net core. Jeff -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists