On Mon, May 3, 2010 at 11:10 PM, Adel Gadllah <adel.gadllah@xxxxxxxxx> wrote: > 2010/5/3 Pavel Roskin <proski@xxxxxxx>: >> On Mon, 2010-05-03 at 22:48 +0200, Gábor Stefanik wrote: >> >>> One exception I can think of: major misconfiguration can cause a >>> wireless device to DMA data into sensitive memory locations. When >>> evidence of this is detected, it might make sense to BUG_ON() >>> (especially if the bogus DMA operations can be exploited remotely to >>> overwrite arbitrary memory addresses). However, in that case, the >>> attacker may have already overwritten panic() with malicious code as >>> well, so even this case doesn't hold. >> >> And then there is a case when encryption fails and there is a risk of >> transmitting data without encryption or accepting data without >> verification. > > So kill the connection rather than the whole system. Or maybe just drop the packet, as mac80211 AFAIK usually does. Perhaps print a WARN_ON to let developers know of the issue. But a BUG_ON is still excessive - I can't think of any way a WARN_ON + interface down may fail in preventing unencrypted data leak. -- Vista: [V]iruses, [I]ntruders, [S]pyware, [T]rojans and [A]dware. :-) -- To unsubscribe from this list: send the line "unsubscribe linux-wireless" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
