lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date:   Tue, 12 Jun 2018 09:22:36 -0400
From:   Alexander Aring <aring@...atatu.com>
To:     Michael Richardson <mcr+ietf@...delman.ca>
Cc:     netdev@...r.kernel.org, linux-wpan@...r.kernel.org,
        linux-bluetooth@...r.kernel.org
Subject: Re: netdevice notifier and device private data

Hi,

On Sun, Jun 10, 2018 at 10:09:39PM -0400, Michael Richardson wrote:
> 
> Alexander Aring <aring@...atatu.com> wrote:
>     >> It totally seems like broken behaviour.  Maybe it's not even
>     >> intentional.  Maybe they are just foobar.
> 
>     > They simple don't know what they doing... somebody thought 6LoWPAN need
>     > to be 6LoWPAN, but they actually don't use the 6LoWPAN handling inside
>     > the kernel. _Except_ they doing out of tree stuff which I don't
>     > believe.
> 
> So, it seems like this ioctl() should be disabled, or restricted to cases
> that actually work.  hate to break their code, but if it's broken anyway, at
> least the kernel won't crash under them.
> 

before we breaking their software I will gentle ask before why they
doing that and I get a good reason then. Then we look more how we deal
with an illegal read/dereference in dev->priv.

I will figure out how I can do that over github.

- Alex

Powered by blists - more mailing lists