lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <567BF1BB.50201@cogentembedded.com>
Date:	Thu, 24 Dec 2015 16:23:07 +0300
From:	Sergei Shtylyov <sergei.shtylyov@...entembedded.com>
To:	Sathya Perla <sathya.perla@...gotech.com>, netdev@...r.kernel.org
Subject: Re: [net-next PATCH 05/10] be2net: log digital signature errors while
 flashing FW image

Hello.

On 12/24/2015 12:26 PM, Sathya Perla wrote:

> From: Suresh Reddy <suresh.reddy@...gotech.com>
>
>  From FW version 11.0 onwards, the FW supports a new "secure mode" feature
> (based on a jumper setting on the adapter.) In this mode, the FW image when
> flashed is authenticated with a digital signature. This patch logs
> appropriate error messages and return a status to ethtool when errors
> relating to FW image authentication occur.
>
> Signed-off-by: Suresh Reddy <suresh.reddy@...gotech.com>
> Signed-off-by: Sathya Perla <sathya.perla@...gotech.com>
> ---
>   drivers/net/ethernet/emulex/benet/be_cmds.c | 11 +++++++++++
>   drivers/net/ethernet/emulex/benet/be_cmds.h |  4 +++-
>   2 files changed, 14 insertions(+), 1 deletion(-)
>
> diff --git a/drivers/net/ethernet/emulex/benet/be_cmds.c b/drivers/net/ethernet/emulex/benet/be_cmds.c
> index da3b398..6fb7873 100644
> --- a/drivers/net/ethernet/emulex/benet/be_cmds.c
> +++ b/drivers/net/ethernet/emulex/benet/be_cmds.c
> @@ -2959,6 +2959,17 @@ flash:
>   		} else if (status) {
>   			dev_err(dev, "Flashing section type 0x%x failed\n",
>   				img_type);
> +			if (addl_status(status) ==
> +			    MCC_ADDL_STATUS_MISSING_SIGNATURE) {
> +				dev_err(dev,
> +					"Digital signature missing in FW\n");
> +				return -EINVAL;
> +			} else if (addl_status(status) ==
> +				   MCC_ADDL_STATUS_INVALID_SIGNATURE) {
> +				dev_err(dev,
> +					"Invalid digital signature in FW\n");
> +				return -EINVAL;
> +			}

    Asks to be a *switch* statement.

[...]

MBR, Sergei

--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ