Message ID | 20230731045216.3779420-1-linma@zju.edu.cn |
---|---|
State | New |
Headers |
Return-Path: <linux-kernel-owner@vger.kernel.org> Delivered-To: ouuuleilei@gmail.com Received: by 2002:a59:918b:0:b0:3e4:2afc:c1 with SMTP id s11csp1809192vqg; Sun, 30 Jul 2023 22:26:54 -0700 (PDT) X-Google-Smtp-Source: APBJJlH6FogfOE1XVEXQH691/TQ2X5pg6eG6dhPC416uDKXQuPW2fw5Aztz5y/RujCX4k+Wj0iAf X-Received: by 2002:a17:906:8a5c:b0:991:37d2:c9f0 with SMTP id gx28-20020a1709068a5c00b0099137d2c9f0mr6417357ejc.68.1690781214293; Sun, 30 Jul 2023 22:26:54 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1690781214; cv=none; d=google.com; s=arc-20160816; b=CGNaNcSPTagQqpwTqKyI73HaeSIKKLPWqvHkZ0Fxu9M+SSVGisqdmP+jlO4Z874Ovm 8WgZcN8C79A8p9YhkV8J8tTU9ExEwswcPbc9x1P4kYZjSaAvOZ9zNyLivmYUKYzXDMy9 Qp3r63Nv2R9wB+F8u4fnNFeGD0DDChe9NH/h8uUZ78DImmCh85BIXrO7AXdHk9tpL0B9 l5+fN1R7Ujc9u821JzSur+WWn3pxROjYtakfwlI7RhOU+cjU2REF9KvBvttFlEOrooKI aqNe7Fy2t3pr3D013n2NJnO/L+9kRP27JYTewtZKWrDP/eOywcvuVWrZuayv0pQ6BTRy vBVw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:message-id:date:subject:to:from; bh=Q0qNQ0vvHl5gLeXKgqR/QvXht9wkXawF4MtGxYeYPpY=; fh=loJfFpRqtg1i5sWIs/sbz9k3RYAMsR5QNwwII7gPDYo=; b=O0s1MzoWzvJr+GrG8ByifDbiVucZqiXZ/Qptx3NpNe6CEt6YgD4f/VoEAcdXil/CKc umFfWeZD6Iem9Zv+7uIHgPO36Unpd7aJbmfdlTtertpmI+PxEnSOPe2Gm9d7srZqo9JE 0EXKkIH21d4XW1/wQ+NBrnRBTHFZG09kRAW90+MFr6efKtV29l677ucJumMDxW2VYked TLdi8GVBMsb7aSokLA4lyV/2x0jIWAWprZe0xxguzniei+PfhOG/xxGfsdS4fjHUObCk yvGs8lRQqj/OWSyyGtMhNc8UnNMlJJP/1dNjeYu4NOc92uB3oZPHvB89h66R2Bw1C7qf JbTg== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id s17-20020a1709064d9100b0099bcbaa2430si6473474eju.46.2023.07.30.22.26.30; Sun, 30 Jul 2023 22:26:54 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S229737AbjGaExK (ORCPT <rfc822;dengxinlin2429@gmail.com> + 99 others); Mon, 31 Jul 2023 00:53:10 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:42460 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229452AbjGaExH (ORCPT <rfc822;linux-kernel@vger.kernel.org>); Mon, 31 Jul 2023 00:53:07 -0400 Received: from azure-sdnproxy.icoremail.net (azure-sdnproxy.icoremail.net [52.237.72.81]) by lindbergh.monkeyblade.net (Postfix) with ESMTP id 0A974CA; Sun, 30 Jul 2023 21:53:02 -0700 (PDT) Received: from localhost.localdomain (unknown [125.120.146.22]) by mail-app4 (Coremail) with SMTP id cS_KCgDXSa0GPsdkNEViCg--.52208S4; Mon, 31 Jul 2023 12:52:23 +0800 (CST) From: Lin Ma <linma@zju.edu.cn> To: davem@davemloft.net, edumazet@google.com, kuba@kernel.org, pabeni@redhat.com, daniel.machon@microchip.com, petrm@nvidia.com, linma@zju.edu.cn, peter.p.waskiewicz.jr@intel.com, jeffrey.t.kirsher@intel.com, alexander.h.duyck@intel.com, netdev@vger.kernel.org, linux-kernel@vger.kernel.org Subject: [PATCH net v1] net: dcb: choose correct policy to parse DCB_ATTR_BCN Date: Mon, 31 Jul 2023 12:52:16 +0800 Message-Id: <20230731045216.3779420-1-linma@zju.edu.cn> X-Mailer: git-send-email 2.17.1 X-CM-TRANSID: cS_KCgDXSa0GPsdkNEViCg--.52208S4 X-Coremail-Antispam: 1UD129KBjvJXoWxWw1xKw1DWFW5XF43Ar17Awb_yoW5CF1Dpa 4vgrykCayUJ3sxGr4DuFZY9ayxWw1UCr4UGr1UWFyIyFy7tFn3K347GFyFgw10vF42vrZ7 ur1Y9343ta15X3JanT9S1TB71UUUUUUqnTZGkaVYY2UrUUUUjbIjqfuFe4nvWSU5nxnvy2 9KBjDU0xBIdaVrnRJUUUvj14x267AKxVW8JVW5JwAFc2x0x2IEx4CE42xK8VAvwI8IcIk0 rVWrJVCq3wAFIxvE14AKwVWUJVWUGwA2ocxC64kIII0Yj41l84x0c7CEw4AK67xGY2AK02 1l84ACjcxK6xIIjxv20xvE14v26w1j6s0DM28EF7xvwVC0I7IYx2IY6xkF7I0E14v26r4U JVWxJr1l84ACjcxK6I8E87Iv67AKxVW0oVCq3wA2z4x0Y4vEx4A2jsIEc7CjxVAFwI0_Gc CE3s1le2I262IYc4CY6c8Ij28IcVAaY2xG8wAqx4xG64xvF2IEw4CE5I8CrVC2j2WlYx0E 2Ix0cI8IcVAFwI0_Jr0_Jr4lYx0Ex4A2jsIE14v26r1j6r4UMcvjeVCFs4IE7xkEbVWUJV W8JwACjcxG0xvY0x0EwIxGrwACjI8F5VA0II8E6IAqYI8I648v4I1lFIxGxcIEc7CjxVA2 Y2ka0xkIwI1l42xK82IYc2Ij64vIr41l4I8I3I0E4IkC6x0Yz7v_Jr0_Gr1lx2IqxVAqx4 xG67AKxVWUJVWUGwC20s026x8GjcxK67AKxVWUGVWUWwC2zVAF1VAY17CE14v26r1q6r43 MIIYrxkI7VAKI48JMIIF0xvE2Ix0cI8IcVAFwI0_Jr0_JF4lIxAIcVC0I7IYx2IY6xkF7I 0E14v26r4j6F4UMIIF0xvE42xK8VAvwI8IcIk0rVWUJVWUCwCI42IY6I8E87Iv67AKxVWU JVW8JwCI42IY6I8E87Iv6xkF7I0E14v26r4j6r4UJbIYCTnIWIevJa73UjIFyTuYvjfUoO J5UUUUU X-CM-SenderInfo: qtrwiiyqvtljo62m3hxhgxhubq/ X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00, RCVD_IN_DNSWL_BLOCKED,RCVD_IN_MSPIKE_H2,SPF_HELO_NONE,SPF_PASS, T_SCC_BODY_TEXT_LINE autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: <linux-kernel.vger.kernel.org> X-Mailing-List: linux-kernel@vger.kernel.org X-getmail-retrieved-from-mailbox: INBOX X-GMAIL-THRID: 1772912602779978122 X-GMAIL-MSGID: 1772912602779978122 |
Series |
[net,v1] net: dcb: choose correct policy to parse DCB_ATTR_BCN
|
|
Commit Message
Lin Ma
July 31, 2023, 4:52 a.m. UTC
The dcbnl_bcn_setcfg uses erroneous policy to parse tb[DCB_ATTR_BCN],
which is introduced in commit 859ee3c43812 ("DCB: Add support for DCB
BCN"). Please see the comment in below code
static int dcbnl_bcn_setcfg(...)
{
...
ret = nla_parse_nested_deprecated(..., dcbnl_pfc_up_nest, .. )
// !!! dcbnl_pfc_up_nest for attributes
// DCB_PFC_UP_ATTR_0 to DCB_PFC_UP_ATTR_ALL in enum dcbnl_pfc_up_attrs
...
for (i = DCB_BCN_ATTR_RP_0; i <= DCB_BCN_ATTR_RP_7; i++) {
// !!! DCB_BCN_ATTR_RP_0 to DCB_BCN_ATTR_RP_7 in enum dcbnl_bcn_attrs
...
value_byte = nla_get_u8(data[i]);
...
}
...
for (i = DCB_BCN_ATTR_BCNA_0; i <= DCB_BCN_ATTR_RI; i++) {
// !!! DCB_BCN_ATTR_BCNA_0 to DCB_BCN_ATTR_RI in enum dcbnl_bcn_attrs
...
value_int = nla_get_u32(data[i]);
...
}
...
}
That is, the nla_parse_nested_deprecated uses dcbnl_pfc_up_nest
attributes to parse nlattr defined in dcbnl_pfc_up_attrs. But the
following access code fetch each nlattr as dcbnl_bcn_attrs attributes.
By looking up the associated nla_policy for dcbnl_bcn_attrs. We can find
the beginning part of these two policies are "same".
static const struct nla_policy dcbnl_pfc_up_nest[...] = {
[DCB_PFC_UP_ATTR_0] = {.type = NLA_U8},
[DCB_PFC_UP_ATTR_1] = {.type = NLA_U8},
[DCB_PFC_UP_ATTR_2] = {.type = NLA_U8},
[DCB_PFC_UP_ATTR_3] = {.type = NLA_U8},
[DCB_PFC_UP_ATTR_4] = {.type = NLA_U8},
[DCB_PFC_UP_ATTR_5] = {.type = NLA_U8},
[DCB_PFC_UP_ATTR_6] = {.type = NLA_U8},
[DCB_PFC_UP_ATTR_7] = {.type = NLA_U8},
[DCB_PFC_UP_ATTR_ALL] = {.type = NLA_FLAG},
};
static const struct nla_policy dcbnl_bcn_nest[...] = {
[DCB_BCN_ATTR_RP_0] = {.type = NLA_U8},
[DCB_BCN_ATTR_RP_1] = {.type = NLA_U8},
[DCB_BCN_ATTR_RP_2] = {.type = NLA_U8},
[DCB_BCN_ATTR_RP_3] = {.type = NLA_U8},
[DCB_BCN_ATTR_RP_4] = {.type = NLA_U8},
[DCB_BCN_ATTR_RP_5] = {.type = NLA_U8},
[DCB_BCN_ATTR_RP_6] = {.type = NLA_U8},
[DCB_BCN_ATTR_RP_7] = {.type = NLA_U8},
[DCB_BCN_ATTR_RP_ALL] = {.type = NLA_FLAG},
// from here is somewhat different
[DCB_BCN_ATTR_BCNA_0] = {.type = NLA_U32},
...
[DCB_BCN_ATTR_ALL] = {.type = NLA_FLAG},
};
Therefore, the current code is buggy and this
nla_parse_nested_deprecated could overflow the dcbnl_pfc_up_nest and use
the adjacent nla_policy to parse attributes from DCB_BCN_ATTR_BCNA_0.
This patch use correct dcbnl_bcn_nest policy to parse the
tb[DCB_ATTR_BCN] nested TLV.
Fixes: 859ee3c43812 ("DCB: Add support for DCB BCN")
Signed-off-by: Lin Ma <linma@zju.edu.cn>
---
net/dcb/dcbnl.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
Comments
On Mon, Jul 31, 2023 at 12:52:16PM +0800, Lin Ma wrote: > The dcbnl_bcn_setcfg uses erroneous policy to parse tb[DCB_ATTR_BCN], > which is introduced in commit 859ee3c43812 ("DCB: Add support for DCB > BCN"). Please see the comment in below code > > static int dcbnl_bcn_setcfg(...) > { > ... > ret = nla_parse_nested_deprecated(..., dcbnl_pfc_up_nest, .. ) > // !!! dcbnl_pfc_up_nest for attributes > // DCB_PFC_UP_ATTR_0 to DCB_PFC_UP_ATTR_ALL in enum dcbnl_pfc_up_attrs > ... > for (i = DCB_BCN_ATTR_RP_0; i <= DCB_BCN_ATTR_RP_7; i++) { > // !!! DCB_BCN_ATTR_RP_0 to DCB_BCN_ATTR_RP_7 in enum dcbnl_bcn_attrs > ... > value_byte = nla_get_u8(data[i]); > ... > } > ... > for (i = DCB_BCN_ATTR_BCNA_0; i <= DCB_BCN_ATTR_RI; i++) { > // !!! DCB_BCN_ATTR_BCNA_0 to DCB_BCN_ATTR_RI in enum dcbnl_bcn_attrs > ... > value_int = nla_get_u32(data[i]); > ... > } > ... > } > > That is, the nla_parse_nested_deprecated uses dcbnl_pfc_up_nest > attributes to parse nlattr defined in dcbnl_pfc_up_attrs. But the > following access code fetch each nlattr as dcbnl_bcn_attrs attributes. > By looking up the associated nla_policy for dcbnl_bcn_attrs. We can find > the beginning part of these two policies are "same". > > static const struct nla_policy dcbnl_pfc_up_nest[...] = { > [DCB_PFC_UP_ATTR_0] = {.type = NLA_U8}, > [DCB_PFC_UP_ATTR_1] = {.type = NLA_U8}, > [DCB_PFC_UP_ATTR_2] = {.type = NLA_U8}, > [DCB_PFC_UP_ATTR_3] = {.type = NLA_U8}, > [DCB_PFC_UP_ATTR_4] = {.type = NLA_U8}, > [DCB_PFC_UP_ATTR_5] = {.type = NLA_U8}, > [DCB_PFC_UP_ATTR_6] = {.type = NLA_U8}, > [DCB_PFC_UP_ATTR_7] = {.type = NLA_U8}, > [DCB_PFC_UP_ATTR_ALL] = {.type = NLA_FLAG}, > }; > > static const struct nla_policy dcbnl_bcn_nest[...] = { > [DCB_BCN_ATTR_RP_0] = {.type = NLA_U8}, > [DCB_BCN_ATTR_RP_1] = {.type = NLA_U8}, > [DCB_BCN_ATTR_RP_2] = {.type = NLA_U8}, > [DCB_BCN_ATTR_RP_3] = {.type = NLA_U8}, > [DCB_BCN_ATTR_RP_4] = {.type = NLA_U8}, > [DCB_BCN_ATTR_RP_5] = {.type = NLA_U8}, > [DCB_BCN_ATTR_RP_6] = {.type = NLA_U8}, > [DCB_BCN_ATTR_RP_7] = {.type = NLA_U8}, > [DCB_BCN_ATTR_RP_ALL] = {.type = NLA_FLAG}, > // from here is somewhat different > [DCB_BCN_ATTR_BCNA_0] = {.type = NLA_U32}, > ... > [DCB_BCN_ATTR_ALL] = {.type = NLA_FLAG}, > }; > > Therefore, the current code is buggy and this > nla_parse_nested_deprecated could overflow the dcbnl_pfc_up_nest and use > the adjacent nla_policy to parse attributes from DCB_BCN_ATTR_BCNA_0. > > This patch use correct dcbnl_bcn_nest policy to parse the > tb[DCB_ATTR_BCN] nested TLV. > > Fixes: 859ee3c43812 ("DCB: Add support for DCB BCN") > Signed-off-by: Lin Ma <linma@zju.edu.cn> Reviewed-by: Simon Horman <horms@kernel.org>
Hello Markus, > > … > > This patch use correct dcbnl_bcn_nest policy to parse the > > tb[DCB_ATTR_BCN] nested TLV. > > Are imperative change descriptions still preferred? > > See also: > https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/tree/Documentation/process/submitting-patches.rst?h=v6.5-rc3#n94 > > Regards, > Markus Yeah, thanks for reminding me. I haven't been paying attention to that and I will remember this ever since. :D Regards, Lin
On Tue, Aug 01, 2023 at 09:34:17AM +0800, Lin Ma wrote: > Hello Markus, > > > > > … > > > This patch use correct dcbnl_bcn_nest policy to parse the > > > tb[DCB_ATTR_BCN] nested TLV. > > > > Are imperative change descriptions still preferred? > > > > See also: > > https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/tree/Documentation/process/submitting-patches.rst?h=v6.5-rc3#n94 > > > > Regards, > > Markus > > Yeah, thanks for reminding me. I haven't been paying attention to that > and I will remember this ever since. :D Simon reviewed the patch already. Don't listen to Markus. He's banned from vger. https://lore.kernel.org/all/2023073123-poser-panhandle-1cb7@gregkh/ regards, dan carpenter
Hello Dan, > > Simon reviewed the patch already. Don't listen to Markus. He's banned > from vger. > > https://lore.kernel.org/all/2023073123-poser-panhandle-1cb7@gregkh/ > > regards, > dan carpenter Ooooops, I never thought of it like this. I will take note of that :). Thanks Lin
I'm not trying to be mean. I don't go out looking for Markus's emails, but he often adds kernel-janitors to the CC list. Kernel janitors is a vger list so he's banned but we still see the responses to his emails. In recent months probably seven maintainers have asked him over and over (maybe 20 times?) to stop with this nonsense. So he knew he shouldn't have asked Lin Ma to redo the patch. regards, dan carpenter
diff --git a/net/dcb/dcbnl.c b/net/dcb/dcbnl.c index c0c438128575..2e6b8c8fd2de 100644 --- a/net/dcb/dcbnl.c +++ b/net/dcb/dcbnl.c @@ -980,7 +980,7 @@ static int dcbnl_bcn_setcfg(struct net_device *netdev, struct nlmsghdr *nlh, return -EOPNOTSUPP; ret = nla_parse_nested_deprecated(data, DCB_BCN_ATTR_MAX, - tb[DCB_ATTR_BCN], dcbnl_pfc_up_nest, + tb[DCB_ATTR_BCN], dcbnl_bcn_nest, NULL); if (ret) return ret;