lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date:	Mon, 14 May 2012 12:22:16 -0400
From:	valdis.kletnieks@...edu
To:	Gustavo Padovan <gustavo@...ovan.org>
Cc:	linville@...driver.com, davem@...emloft.net,
	linux-wireless@...r.kernel.org, linux-bluetooth@...r.kernel.org,
	linux-kernel@...r.kernel.org, netdev@...r.kernel.org
Subject: Re: [PATCH 1/2] Bluetooth: notify userspace of security level change

On Sun, 13 May 2012 03:20:07 -0300, Gustavo Padovan said:

> It enables the userspace a security level change when the socket is
> already connected and create a way to notify the socket the result of the
> request. At the moment of the request the socket is made non writable, if
> the request fails the connections closes, otherwise the socket is made
> writable again, POLL_OUT is emmited.

What happens to in-flight data already written but not yet consumed?  I'm
smelling a possible race condition with data sent under the old level but
read under the new level....

Content of type "application/pgp-signature" skipped

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ