lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  PHC 
Open Source and information security mailing list archives
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date:	Fri, 08 May 2015 12:57:48 -0400
From:	Jonathan Toppins <>
To:	"Rustad, Mark D" <>,
	Alexander Duyck <>
CC:	"Kirsher, Jeffrey T" <>,
	"Brandeburg, Jesse" <>,
	"Nelson, Shannon" <>,
	"Wyborny, Carolyn" <>,
	"Skidmore, Donald C" <>,
	"Vick, Matthew" <>,
	"Ronciak, John" <>,
	"Williams, Mitch A" <>,
	"" <>,
	"" <>,
	"" <>,
	"" <>,
	Alan Liebthal <>
Subject: Re: [PATCH v1 net-next 2/2] igb: support SIOCSMIIREG

On 5/7/15 4:46 PM, Rustad, Mark D wrote:
>> On May 7, 2015, at 10:52 AM, Alexander Duyck <> wrote:
>>> diff --git a/drivers/net/ethernet/intel/igb/igb_main.c b/drivers/net/ethernet/intel/igb/igb_main.c
>>> index 720b785..1071a71 100644
>>> --- a/drivers/net/ethernet/intel/igb/igb_main.c
>>> +++ b/drivers/net/ethernet/intel/igb/igb_main.c
>>> @@ -7141,6 +7141,11 @@ static int igb_mii_ioctl(struct net_device *netdev, struct ifreq *ifr, int cmd)
>>>   			return -EIO;
>>>   		break;
>>>   	case SIOCSMIIREG:
>>> +		adapter->hw.phy.addr = data->phy_id;
>>> +		if (igb_write_phy_reg(&adapter->hw, data->reg_num & 0x1F,
>>> +				      data->val_in))
>>> +			return -EIO;
>>> +		break;
>>>   	default:
>>>   		return -EOPNOTSUPP;
>>>   	}
>> How and why is this being used?  From what I can tell it looks like it is an easy way to break any of the existing interfaces if it is misused since all you would need to do is specify a phy address that doesn't match the existing PHY in the system and then you would likely lose link, or possibly mess up the configuration on the system requiring.
>> I suspect this is a back door for some piece of user space code that is being given far more permission than it should be.
> I don't know about a back door, but the real problem is that it has a
> side-effect of changing the saved value of the phy addr. That is clearly
> a problem and can't be allowed.

This patch was worse before... it had changes in SIOGMIIREG that had 
similar side-effects, missed this one.

Checking with some of the platform people here this patch can be 
dropped. We don't use it as a backdoor of any kind it was mainly used 
for debugging/guess-what-the-phy-addr-was when we originally got the boards.
> For the phylib stuff to really work as intended, the igb_write_phy_reg
> really should take the phy address as a parameter instead of getting
> the value from the structure itself. Or a new function should be
> defined that has that interface.
> --
> Mark Rustad, Networking Division, Intel Corporation

To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to
More majordomo info at

Powered by blists - more mailing lists