Ozwpan Driver: Removal Recommended

Hi Greg,

We spoke about this several months ago. Since then, there has been no
life from any of the maintainers or anybody at Atmel. Meanwhile Dan
Carpenter has posted a patch for a security vulnerability in ozwpan
that hasn't been reviewed or merged. There is nobody willing to
maintain it. And nobody who has relevant hardware has even said
"hello". All of my connections to ozwpan have yielded zero success in
trying to find a maintainer or anybody with even remote expertise.
Clearly this is dead in the water.

I would thus recommend you remove this buggy, insecure, and
unmaintained driver from the tree. It simply didn't pass the "staging
test".

Regards,
Jason

On Tue, Jun 2, 2015 at 1:35 PM, Jason A. Donenfeld <Jason@xxxxxxxxx> wrote:
> On Tue, Jun 2, 2015 at 3:35 AM, Greg Kroah-Hartman
> <gregkh@xxxxxxxxxxxxxxxxxxx> wrote:
>> I don't know, but I'm a bit loath to delete the driver from the tree as
>> then people will just continue to use the version with all of the bugs.
>
> Yea, I understand that. Though, I'm pretty sure that most users of
> ozwpan use old forks tied to old kernels, and do not use upstream
> anyway.
>
>> If Atmel doesn't want to maintain the code anymore, do you want to do
>> it?  You can always send patches for this issue, as you seem to have the
>> hardware and can do testing, which I can't.
>
> Thank you for the offer, and I would actually love to maintain a part
> of the kernel. But I am likely the wrong man for ozwpan (in spite of
> the Internet's claims of my wizardry [1]). The debugging I've done
> thus far is on a readily available consumer embedded device, which I
> was required to root and unsandbox and partake in other "security dark
> magic" in order to get a decent debugging interface. My rig is rather
> brittle and is likely to fall to pieces like aging solder at any
> moment. I'd recommend this be maintained by someone with proper test
> hardware and a suite of unit tests. This means: Atmel, or one of the
> many clients to whom Atmel has sold high volumes of ozwpan chips. I'll
> reach out where I can to see if I can find someone in a good position
> to maintain it.
>
> [1] https://twitter.com/drgfragkos/status/598776229282578432