On Wed, 5 Jan 2011, Pete Zaitcev wrote: > On Wed, 5 Jan 2011 11:42:51 -0500 (EST) > Alan Stern <stern@xxxxxxxxxxxxxxxxxxx> wrote: > > > One aspect of this worries me: By copying the entire buffer, we risk > > leaking kernel data. What do you think? Should mon_submit() > > zero out the buffer for isochronous-IN transfers? > > I'm surprised that an access to keystrokes and/or filesystem data does > not bother you, but some random kernel data is a problem. In principle, a user may have permission to examine the data stream going to a particular USB device or bus. (I admit, bus is much less likely than device, and usbmon is not per-device.) That doesn't mean the user should have permission to examine random kernel memory. > I'll look at the patch, thanks. Probably the previous one was incomplete. Do you have a pointer to the old one? Alan Stern -- To unsubscribe from this list: send the line "unsubscribe linux-usb" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
