| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <03ff979e-a621-c9a3-9be3-13677c147f91@pengutronix.de>
Date: Fri, 6 Mar 2020 15:12:48 +0100
From: Marc Kleine-Budde <mkl@...gutronix.de>
To: David Miller <davem@...emloft.net>, socketcan@...tkopp.net
Cc: linux-can@...r.kernel.org, netdev@...r.kernel.org,
syzbot+c3ea30e1e2485573f953@...kaller.appspotmail.com,
dvyukov@...gle.com, j.vosburgh@...il.com, vfalico@...il.com,
andy@...yhouse.net, stable@...r.kernel.org
Subject: Re: [PATCH] bonding: do not enslave CAN devices
On 3/2/20 8:12 PM, David Miller wrote:
> From: Oliver Hartkopp <socketcan@...tkopp.net>
> Date: Mon, 2 Mar 2020 09:45:41 +0100
>
>> I don't know yet whether it makes sense to have CAN bonding/team
>> devices. But if so we would need some more investigation. For now
>> disabling CAN interfaces for bonding/team devices seems to be
>> reasonable.
>
> Every single interesting device that falls into a special use case
> like CAN is going to be tempted to add a similar check.
>
> I don't want to set this precedence.
>
> Check that the devices you get passed are actually CAN devices, it's
> easy, just compare the netdev_ops and make sure they equal the CAN
> ones.
Sorry, I'm not really sure how to implement this check.
Should I maintain a list of all netdev_ops of all the CAN devices (=
whitelist) and the compare against that list? Having a global list of
pointers to network devices remind me of the old days of kernel-2.4.
regards,
Marc
--
Pengutronix e.K. | Marc Kleine-Budde |
Embedded Linux | https://www.pengutronix.de |
Vertretung West/Dortmund | Phone: +49-231-2826-924 |
Amtsgericht Hildesheim, HRA 2686 | Fax: +49-5121-206917-5555 |
Powered by blists - more mailing lists