15 probable security holes in 2.4.5-ac8

15 probable security holes in 2.4.5-ac8

Post by Joerg Reute » Tue, 12 Jun 2001 23:00:11




Subject: Re: [CHECKER] 15 probable security holes in 2.4.5-ac8
Date: Mon, 11 Jun 2001 15:45:07 +0200 (CEST)

Quote:>> [BUG] (but i'm not sure whey we're missing the initial irq).
>> /u2/engler/mc/oses/linux/2.4.5-ac8/drivers/net/hamradio/scc.c:1772:scc_net_ioctl: ERROR:RANGE:1762:1772: Using user length "irq"as an array index for "Ivec" set by 'copy_from_user':1762 [val=1000]
>>                        if (!arg) return -EFAULT;

>Thats a real bug for other reaosns.

Nah, just a misconception (NB: the whole scc driver initialization is *
anyway -- but that part was written before we even had procfs; the next
version will use procfs, but I'm not quite convinced that my current
approach for the rewrite is correct. Fact is that the driver has to support
far too many different parameters). The next version will also use
the ISR of your z85230 HDLC driver, the z8530 seems to occasionally
overwrite it's interrupt vector register with new status information
before the old one was read.

Quote:> the iRQ might be > 16 on APIC using hosts

They won't assign IRQs above 15 for ISA cards, will they?

I gravely hope that nobody gets the idea to design a PCI card
for the Z8530 without bus master DMA...

Quote:>or non x86

Granted. But I've no reports that anyone actually tried that,
especially as the (unmodified) driver is only useful for packet radio
purposes.

Quote:>Both fixed

How? ;-)

73,
--
Joerg Reuter DL1BKE                             http://www.veryComputer.com/
And I make my way to where the warm scent of soil fills the evening air.
Everything is waiting quietly out there....                 (Anne Clark)

  application_pgp-signature_part
< 1K Download
 
 
 

15 probable security holes in 2.4.5-ac8

Post by John Chris Wre » Tue, 12 Jun 2001 23:20:07


[snip]
Quote:

> I gravely hope that nobody gets the idea to design a PCI card
> for the Z8530 without bus master DMA...

[snip]

What someone *really* needs to do is design a Z8530 adapter with a USB
interface.  The amateur radio community (well, the 56K'ers, at any rate),
would love such a device.  The PI2 card is a flakey beast, at best.

--John

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in

More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

 
 
 

15 probable security holes in 2.4.5-ac8

Post by Alan Co » Wed, 13 Jun 2001 01:40:08


Quote:> What someone *really* needs to do is design a Z8530 adapter with a USB
> interface.  The amateur radio community (well, the 56K'ers, at any rate),
> would love such a device.  The PI2 card is a flakey beast, at best.

You would be much better off attaching a straight ADC/DAC at say up to
256Kbits/8bit sampling and some control lines to the USB. That would also
let people dumb the ridiculous 1960's technology they insist on using and
run serious stuff like adaptive encoders, golay codecs and the like and
bring amateur packet radio out of the stone age

Alan

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in

More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

 
 
 

15 probable security holes in 2.4.5-ac8

Post by Alan Co » Wed, 13 Jun 2001 01:40:05


Quote:> Granted. But I've no reports that anyone actually tried that,
> especially as the (unmodified) driver is only useful for packet radio
> purposes.

> >Both fixed

> How? ;-)

NR_IRQS is defined by each port. I used that. Its the blunt instrument approach
until you do it nicely 8)

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in

More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

 
 
 

15 probable security holes in 2.4.5-ac8

Post by John Chris Wre » Wed, 13 Jun 2001 02:00:15


Quote:

> > What someone *really* needs to do is design a Z8530 adapter with a USB
> > interface.  The amateur radio community (well, the 56K'ers, at
> any rate),
> > would love such a device.  The PI2 card is a flakey beast, at best.

> You would be much better off attaching a straight ADC/DAC at say up to
> 256Kbits/8bit sampling and some control lines to the USB. That would also
> let people dumb the ridiculous 1960's technology they insist on using and
> run serious stuff like adaptive encoders, golay codecs and the like and
> bring amateur packet radio out of the stone age

> Alan

Ideally, yes.  However, client side DSP at these kinds of data rates still
isn't practical.  Most people are lucky if they can get 9600 baud, although
admittedly some of that is a function of trying to use a standard sound card
with it's limited input bandwidth (apx 22Khz).

It also doesn't solve the bigger problem, which is existing 56K users that
want to upgrade machines, but can't, because the PI2 card flakes out in
almost all systems that have PCI.  The card has some timing issues to start
with, and are aggrevated by how almost all PCI chipsets implement the ISA
bus side.

I don't currently have my 56K station up, but I keep an old ISA only
486DX/80 system around just so I can use the card once I get in a position
to (living on a houseboat creates some space problems for both machines, and
antennas).

I don't know if you're familiar with the Heatherington 56K design or not,
but there's some information at his website, www.wa4dsy.org.  Dale, for
those that don't know, was one of the 2 (or 3, depending on how you count)
founders of Hayes Microcomputer (D.C. Hayes, at the time), and did the
SB-103 and Smartmodem-300 designs, plus many other designs.

-- John

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in

More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

 
 
 

15 probable security holes in 2.4.5-ac8

Post by Alan Co » Wed, 13 Jun 2001 02:10:07


Quote:> Ideally, yes.  However, client side DSP at these kinds of data rates still
> isn't practical.  Most people are lucky if they can get 9600 baud, although
> admittedly some of that is a function of trying to use a standard sound card
> with it's limited input bandwidth (apx 22Khz).

A P200 can do the DSP work required to do 9600 baud with full FEC. I doubt
you'll find USB on anything slower

Quote:> I don't know if you're familiar with the Heatherington 56K design or not,

Not really. The last interesting thing I looked at was shifting arcnet into
the 10GHz band for 1Mbit point to point links

Quote:> but there's some information at his website, www.wa4dsy.org.  Dale, for

I recognize the call tho -  NOS supported some of his stuff

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in

More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

 
 
 

15 probable security holes in 2.4.5-ac8

Post by Riley William » Wed, 13 Jun 2001 07:00:09


Hi Alan.

 >> Ideally, yes.  However, client side DSP at these kinds of data
 >> rates still isn't practical.  Most people are lucky if they can
 >> get 9600 baud, although admittedly some of that is a function of
 >> trying to use a standard sound card with it's limited input
 >> bandwidth (apx 22Khz).

 > A P200 can do the DSP work required to do 9600 baud with full
 > FEC. I doubt you'll find USB on anything slower

I can list two machines with USB that are slower - and I run both of
them...

 1. P166 (non-MMX) based, with USB on the motherboard. Currently
    unused, but I plan on plugging a digital camera SmartMedia card
    reader into it when I get one.

 2. 486dx4/120 with USB on a plug in ISA-bus card (I'm not joking
    either).

I'll admit that I was surprised to come across that ISA-bus USB card
at a local radio rally, but as they only wanted 2.50 for it, I paid
the pennies and tried it out. It works fine for my scanner interface
although I've never tried it for anything else.

Best wishes from Riley.

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in

More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/