| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <1335392802.2602.33.camel@bwh-desktop.uk.solarflarecom.com>
Date: Wed, 25 Apr 2012 23:26:42 +0100
From: Ben Hutchings <bhutchings@...arflare.com>
To: Jeff Mahoney <jeffm@...e.com>
CC: Network Development <netdev@...r.kernel.org>
Subject: Re: [PATCH] dl2k: Tighten ioctl permissions
On Wed, 2012-04-25 at 15:33 -0400, Jeff Mahoney wrote:
> dl2k's rio_ioctl function defines several ioctls that involve
> operations that should be denied to regular users.
>
> SIOCDEVPRIVATE + 2 is a renumbered SIOCSMIIREG.
There was an early convention that SIOCDEVPRIVATE + {0,1,2} were MDIO
operations. (This was a bad idea, because you can't safely send them to
an arbitrary driver... not that that stopped people doing it. Now it's
neither safe to send them from userland, nor to implement any other
semantics for these ioctl numbers in a driver.)
Please fix the numbering instead; it will make standard MII/MDIO
utilities work and the capability check (in dev_ioctl()) comes for free.
> SIOCDEVPRIVATE + 5 calls netif_stop_queue.
> SIOCDEVPRIVATE + 6 calls netif_wake_queue.
[...]
And SIOCDEVPRIVATE + {7,8} spam the kernel log, so they should perhaps
be considered privileged too.
Ben.
--
Ben Hutchings, Staff Engineer, Solarflare
Not speaking for my employer; that's the marketing department's job.
They asked us to note that Solarflare product names are trademarked.
--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists