Ozwpan Driver: Removal Recommended

From: Jason A. Donenfeld
Date: Mon Aug 10 2015 - 09:31:35 EST


Hi Greg,

We spoke about this several months ago. Since then, there has been no
life from any of the maintainers or anybody at Atmel. Meanwhile Dan
Carpenter has posted a patch for a security vulnerability in ozwpan
that hasn't been reviewed or merged. There is nobody willing to
maintain it. And nobody who has relevant hardware has even said
"hello". All of my connections to ozwpan have yielded zero success in
trying to find a maintainer or anybody with even remote expertise.
Clearly this is dead in the water.

I would thus recommend you remove this buggy, insecure, and
unmaintained driver from the tree. It simply didn't pass the "staging
test".

Regards,
Jason

On Tue, Jun 2, 2015 at 1:35 PM, Jason A. Donenfeld <Jason@xxxxxxxxx> wrote:
> On Tue, Jun 2, 2015 at 3:35 AM, Greg Kroah-Hartman
> <gregkh@xxxxxxxxxxxxxxxxxxx> wrote:
>> I don't know, but I'm a bit loath to delete the driver from the tree as
>> then people will just continue to use the version with all of the bugs.
>
> Yea, I understand that. Though, I'm pretty sure that most users of
> ozwpan use old forks tied to old kernels, and do not use upstream
> anyway.
>
>> If Atmel doesn't want to maintain the code anymore, do you want to do
>> it? You can always send patches for this issue, as you seem to have the
>> hardware and can do testing, which I can't.
>
> Thank you for the offer, and I would actually love to maintain a part
> of the kernel. But I am likely the wrong man for ozwpan (in spite of
> the Internet's claims of my wizardry [1]). The debugging I've done
> thus far is on a readily available consumer embedded device, which I
> was required to root and unsandbox and partake in other "security dark
> magic" in order to get a decent debugging interface. My rig is rather
> brittle and is likely to fall to pieces like aging solder at any
> moment. I'd recommend this be maintained by someone with proper test
> hardware and a suite of unit tests. This means: Atmel, or one of the
> many clients to whom Atmel has sold high volumes of ozwpan chips. I'll
> reach out where I can to see if I can find someone in a good position
> to maintain it.
>
> [1] https://twitter.com/drgfragkos/status/598776229282578432