Re: [RFC]How else could a malicious device sabotage endpoints for usbnet

[RFC]How else could a malicious device sabotage endpoints for usbnet · Oliver Neukum <oneukum@suse.com> · 2021-12-09
Re: [RFC]How else could a malicious device sabotage endpoints for usbnet · Greg KH <hidden> · 2021-12-09
Re: [RFC]How else could a malicious device sabotage endpoints for usbnet · Oliver Neukum <oneukum@suse.com> · 2021-12-15
Re: [RFC]How else could a malicious device sabotage endpoints for usbnet · Greg KH <gregkh@linuxfoundation.org> · 2021-12-15
Re: [RFC]How else could a malicious device sabotage endpoints for usbnet · Oliver Neukum <oneukum@suse.com> · 2021-12-16
Re: [RFC]How else could a malicious device sabotage endpoints for usbnet · Greg KH <gregkh@linuxfoundation.org> · 2021-12-21
Re: [RFC]How else could a malicious device sabotage endpoints for usbnet · Oliver Neukum <oneukum@suse.com> · 2021-12-21

From: Oliver Neukum <oneukum@suse.com>
Date: 2021-12-16 10:16:33

On 15.12.21 15:57, Greg KH wrote:

On Wed, Dec 15, 2021 at 03:47:55PM +0100, Oliver Neukum wrote:

quoted

On 09.12.21 16:47, Greg KH wrote:

quoted

Why not use usb_find_common_endpoints() and/or the other helper
functions instead? that's what they were created for.

Hi,

which one would I use? In this case I already know the endpoints
to be verified.

I have no context here so I have no idea, sorry.

usbnet has three ways to match the endpoints

1) the subdriver provides a method

2) a heuristic to find the endpoints is used (that should be converted
to the new API)

3) they are given nummerically by the subdriver

It turns out that #3 needs to verify the endpoints against malicious
devices.
So the following questions

a) should that verification go into usbcore
b) what possible ways for a malicious device to spoof us can you come
up with

    Regards
        Oliver

`h`	back out one level
`j`	next message in thread
`k`	previous message in thread
`l`	drill in
`Esc`	close help / fold thread tree
`?`	toggle this help