From: Oliver Hartkopp <socketcan@hartkopp.net>
To: David Miller <davem@davemloft.net>
Cc: urs@isnogud.escape.de, netdev@vger.kernel.org,
drosenberg@vsecurity.com, security@kernel.org,
torvalds@linux-foundation.org
Subject: Re: [PATCH] Fix CAN info leak/minor heap overflow
Date: Wed, 10 Nov 2010 07:52:27 +0100 [thread overview]
Message-ID: <4CDA412B.90900@hartkopp.net> (raw)
In-Reply-To: <20101109.090523.189685701.davem@davemloft.net>
On 09.11.2010 18:05, David Miller wrote:
> From: Oliver Hartkopp <socketcan@hartkopp.net>
> Date: Tue, 09 Nov 2010 08:52:21 +0100
>
>> Once this patch is applied (and the procfs layout is changed anyway), i'd also
>> like to send a patch from my backlog that would extend the procfs output for
>> can-bcm with an additional drop counter.
>
> I find this kind of discussion extremely disappointing.
>
> All of this stuff you CAN guys do with procfs files and version
> strings is completely wrong and bogus.
>
> Once you create a procfs file layout, you're basically stuck and you
> can at best only reasonably add new fields at the end, you can't
> really change existing fields.
>
> And sysfs would have been a lot more appropriate, you could use
> attributes for each value you want to export and then just add new
> sysfs attributes when you want to export new values which has very
> clear semantics and backwards compatability implications.
I admit that from my todays knowledge i would have done things differently.
But the network layer information bits have been always exposed in /proc/net
as it was in 2003 when we started the implementation on a 2.4.x kernel.
There are netdriver infos in sysfs but no netlayer entries.
>From my point of view the only thing could be to improve the current
situation, which the posted patch does:
- remove kernel addresses that were only relevant at implementation time
- allow AF_CAN protocols to provide their own information due to their needs
- provide inode numbers that can be found in procfs at several places
=> improvements for developers in userspace & kernelspace
The patch has been discussed on SocketCAN ML and the filter entries have not
been identified as a problem for userspace tools. E.g. /proc/net/can/stats is
one of the entries that's used by userspace tools.
IMHO the patch improves the historic situation and fixes the useless leakage
of kernel addresses. Please consider to apply that procfs changes.
Best regards,
Oliver
next prev parent reply other threads:[~2010-11-10 6:52 UTC|newest]
Thread overview: 12+ messages / expand[flat|nested] mbox.gz Atom feed top
2010-11-02 18:28 [SECURITY] CAN info leak/minor heap overflow Dan Rosenberg
2010-11-02 19:43 ` Oliver Hartkopp
2010-11-02 19:53 ` Dan Rosenberg
2010-11-02 19:57 ` [Security] " Linus Torvalds
2010-11-02 20:19 ` Oliver Hartkopp
2010-11-02 20:16 ` Oliver Hartkopp
2010-11-05 18:33 ` [PATCH] Fix " Urs Thuermann
2010-11-09 7:52 ` Oliver Hartkopp
2010-11-09 17:05 ` David Miller
2010-11-10 6:52 ` Oliver Hartkopp [this message]
2010-11-10 17:51 ` David Miller
2010-11-10 22:10 ` Oliver Hartkopp
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=4CDA412B.90900@hartkopp.net \
--to=socketcan@hartkopp.net \
--cc=davem@davemloft.net \
--cc=drosenberg@vsecurity.com \
--cc=netdev@vger.kernel.org \
--cc=security@kernel.org \
--cc=torvalds@linux-foundation.org \
--cc=urs@isnogud.escape.de \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).