[net-next,v1] net: mctp: use deprecated parser in mctp_set_link_af

Message ID 20231228070258.3052422-1-linma@zju.edu.cn
State New
Series [net-next,v1] net: mctp: use deprecated parser in mctp_set_link_af

Commit Message

Lin Ma Dec. 28, 2023, 7:02 a.m. UTC
The mctp set_link_af implementation, `mctp_set_link_af`, uses the strict
parser nla_parse_nested to parse the nested attribute. This is fine in
most cases but not here, as rtnetlink uses *bad magic* in the setlink
code; see the code snippet in function `do_setlink`.

  nla_for_each_nested(af, tb[IFLA_AF_SPEC], rem) {
    const struct rtnl_af_ops *af_ops;
    BUG_ON(!(af_ops = rtnl_af_lookup(nla_type(af)))); <= (1)
    err = af_ops->set_link_af(dev, af, extack);       <= (2)

That is, in line (1), the attribute type of af will be used to look up
the af_ops, and for the MCTP case AF_MCTP will be used here to get
mctp_af_ops. Therefore, the attribute with type AF_MCTP will never
survive the check within nla_parse_nested.

  if (!(nla->nla_type & NLA_F_NESTED)) {  <= nla_type is AF_MCTP
    NL_SET_ERR_MSG_ATTR(extack, nla, "NLA_F_NESTED is missing");
    return -EINVAL;  <= always invalid
  }

For the other set_link_af users, IPV4 and IPV6 both use a trick here by
calling nla_parse_nested_deprecated, which will check the NLA_F_NESTED
and is then able to use this type field as the family value. This patch
simply ports the MCTP code to the deprecated parser as well to make it
work.

Signed-off-by: Lin Ma <linma@zju.edu.cn>
---
 net/mctp/device.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
  

Comments

Jakub Kicinski Jan. 4, 2024, 1:47 a.m. UTC | #1
On Thu, 28 Dec 2023 15:02:58 +0800 Lin Ma wrote:
> The mctp set_link_af implementation, `mctp_set_link_af`, uses the strict
> parser nla_parse_nested to parse the nested attribute. This is fine in
> most cases but not here, as rtnetlink uses *bad magic* in the setlink
> code; see the code snippet in function `do_setlink`.
> 
>   nla_for_each_nested(af, tb[IFLA_AF_SPEC], rem) {
>     const struct rtnl_af_ops *af_ops;
>     BUG_ON(!(af_ops = rtnl_af_lookup(nla_type(af)))); <= (1)
>     err = af_ops->set_link_af(dev, af, extack);       <= (2)
> 
> That is, in line (1), the attribute type of af will be used to look up
> the af_ops, and for the MCTP case AF_MCTP will be used here to get
> mctp_af_ops. Therefore, the attribute with type AF_MCTP will never
> survive the check within nla_parse_nested.
> 
>   if (!(nla->nla_type & NLA_F_NESTED)) {  <= nla_type is AF_MCTP
>     NL_SET_ERR_MSG_ATTR(extack, nla, "NLA_F_NESTED is missing");
>     return -EINVAL;  <= always invalid
>   }
> 
> For the other set_link_af users, IPV4 and IPV6 both use a trick here by
> calling nla_parse_nested_deprecated, which will check the NLA_F_NESTED
> and is then able to use this type field as the family value. This patch
> simply ports the MCTP code to the deprecated parser as well to make it
> work.

Did you test this? It's a suspiciously detailed and yet seemingly
incorrect explanation..
  
Lin Ma Jan. 4, 2024, 6:32 a.m. UTC | #2
Hello Jakub,

> > 
> > For the other set_link_af users, IPV4 and IPV6 both use a trick here by
> > calling nla_parse_nested_deprecated, which will check the NLA_F_NESTED
> > and is then able to use this type field as the family value. This patch
> > simply ports the MCTP code to the deprecated parser as well to make it
> > work.
> 
> Did you test this? It's a suspiciously detailed and yet seemingly
> incorrect explanation..

Yes, I hacked the iproute tool and added the code below

https://github.com/iproute2/iproute2/blob/main/ip/iplink.c#L801

853a854,861
> 		} else if (matches(*argv, "mctptest") == 0) {
> 			struct rtattr *afs, *afsmctp;
> 			afs = addattr_nest(&req->n, sizeof(*req), IFLA_AF_SPEC);
> 			afsmctp = addattr_nest(&req->n, sizeof(*req), AF_MCTP);
> 			addattr32(&req->n, sizeof(*req),
>                                  IFLA_MCTP_NET, 0);
> 			addattr_nest_end(&req->n, afsmctp);
> 			addattr_nest_end(&req->n, afs);

according to the implementation of the `addrgenmode`.

In short, the packet format should look like
     
  L         T        L      T  
+---+--------------+---+---------+-------------
|   | IFLA_AF_SPEC |   | AF_MCTP | .....
+---+--------------+---+---------+-------------
                   ^
                   |
                   af

Therefore, the code

  nla_for_each_nested(af, tb[IFLA_AF_SPEC], rem) {
    const struct rtnl_af_ops *af_ops;
    BUG_ON(!(af_ops = rtnl_af_lookup(nla_type(af)))); <= (1)
    err = af_ops->set_link_af(dev, af, extack);       <= (2)

(1) will get AF_MCTP with the nla_type(...) call, and (2) will then pass `af` to
`mctp_set_link_af`, which will expect the `NLA_F_NESTED` flag.

With the hacked iproute tool, simply typing a command like

`ip link set eth0 mtu 1024 mctptest` will hit the function mctp_set_link_af, and
with my debugger I found that nla_parse_nested always returns an error.

Another elegant solution is to change how (1) calls rtnl_af_lookup: we can introduce
another family attribute and avoid using nla_type(..), which is so suspicious.
But this would also require changing the other set_link_af implementations (ipv4, ipv6).

> -- 
> pv-bot: s
> pw-bot: cr

Regards
Lin
  
Jeremy Kerr Jan. 4, 2024, 6:43 a.m. UTC | #3
Hi Lin,

> (1) will get AF_MCTP with the nla_type(...) call, and (2) will then
> pass `af` to `mctp_set_link_af`, which will expect the
> `NLA_F_NESTED` flag.

You could set that flag? It's not exclusive with the attribute type.
From netlink.h:

  /*
   * nla_type (16 bits)
   * +---+---+-------------------------------+
   * | N | O | Attribute Type                |
   * +---+---+-------------------------------+
   * N := Carries nested attributes
   * O := Payload stored in network byte order
   *
   * Note: The N and O flag are mutually exclusive.
   */

Which is what we do with existing userspace:

  https://github.com/CodeConstruct/mctp/blob/6aa4b052d/src/mctp.c#L569C1-L569C1

Cheers,


Jeremy
  
Lin Ma Jan. 4, 2024, 7:04 a.m. UTC | #4
Hello Jeremy,

> 
> Hi Lin,
> 
> > (1) will get AF_MCTP with the nla_type(...) call, and (2) will then
> > pass `af` to `mctp_set_link_af`, which will expect the
> > `NLA_F_NESTED` flag.
> 
> You could set that flag? It's not exclusive with the attribute type.
> From netlink.h:
> 
>   /*
>    * nla_type (16 bits)
>    * +---+---+-------------------------------+
>    * | N | O | Attribute Type                |
>    * +---+---+-------------------------------+
>    * N := Carries nested attributes
>    * O := Payload stored in network byte order
>    *
>    * Note: The N and O flag are mutually exclusive.
>    */
> 
> Which is what we do with existing userspace:
> 
>   https://github.com/CodeConstruct/mctp/blob/6aa4b052d/src/mctp.c#L569C1-L569C1
> 
> Cheers,

Oops, my bad. I just learned that nla_type will mask with `NLA_TYPE_MASK`.

Sorry for the bother. T^T

> 
> 
> Jeremy

Thanks
Lin
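
The flag-and-type point settled in the replies above, as an added example that is not code from the thread, the kernel or iproute2: a userspace model in which a sender builds the AF_MCTP nest with or without NLA_F_NESTED, and a receiver applies the masked family lookup followed by the strict parser's flag check. The constants mirror the Linux uapi values; `build_af_mctp` and `handle_af` are hypothetical helper names.

```c
/* Added example: userspace model, not kernel or iproute2 code. Constants
 * mirror the Linux uapi headers; the helper names are hypothetical. */
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define NLA_F_NESTED        (1 << 15)
#define NLA_F_NET_BYTEORDER (1 << 14)
#define NLA_TYPE_MASK       (~(NLA_F_NESTED | NLA_F_NET_BYTEORDER))
#define NLA_HDRLEN          4
#define AF_MCTP             45   /* address family reused as attribute type */
#define IFLA_MCTP_NET       1

struct nlattr { uint16_t nla_len; uint16_t nla_type; };

/* Sender: AF_MCTP nest (as carried in IFLA_AF_SPEC) holding one
 * IFLA_MCTP_NET value. flags is OR'd into the outer attribute type. */
static size_t build_af_mctp(uint8_t *buf, int flags, uint32_t net)
{
	struct nlattr in = { (uint16_t)(NLA_HDRLEN + sizeof(net)), IFLA_MCTP_NET };
	struct nlattr af = { (uint16_t)(NLA_HDRLEN + in.nla_len),
			     (uint16_t)(AF_MCTP | flags) };
	memcpy(buf, &af, sizeof(af));
	memcpy(buf + NLA_HDRLEN, &in, sizeof(in));
	memcpy(buf + 2 * NLA_HDRLEN, &net, sizeof(net));
	return af.nla_len;
}

/* Receiver: masked family lookup as at (1), then the strict parser's flag
 * check. Returns the net id, -1 for another family, -22 (-EINVAL) otherwise. */
static long handle_af(const uint8_t *buf, size_t len)
{
	struct nlattr af, in;
	uint32_t net;
	if (len < 2 * NLA_HDRLEN + sizeof(net)) return -22;
	memcpy(&af, buf, sizeof(af));
	memcpy(&in, buf + NLA_HDRLEN, sizeof(in));
	if ((af.nla_type & NLA_TYPE_MASK) != AF_MCTP) return -1;  /* nla_type(af) */
	if (!(af.nla_type & NLA_F_NESTED)) return -22;            /* flag missing */
	if ((in.nla_type & NLA_TYPE_MASK) != IFLA_MCTP_NET) return -22;
	memcpy(&net, buf + 2 * NLA_HDRLEN, sizeof(net));
	return (long)net;
}

int main(void)
{
	uint8_t bare[12], flagged[12];  /* constructed sample messages */
	size_t nb = build_af_mctp(bare, 0, 7);
	size_t nf = build_af_mctp(flagged, NLA_F_NESTED, 7);
	printf("bare: %ld, flagged: %ld\n", handle_af(bare, nb), handle_af(flagged, nf));
	return 0;
}
```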
  

Patch

diff --git a/net/mctp/device.c b/net/mctp/device.c
index acb97b257428..226c8e3ed85f 100644
--- a/net/mctp/device.c
+++ b/net/mctp/device.c
@@ -400,8 +400,8 @@  static int mctp_set_link_af(struct net_device *dev, const struct nlattr *attr,
 	struct mctp_dev *mdev;
 	int rc;
 
-	rc = nla_parse_nested(tb, IFLA_MCTP_MAX, attr, ifla_af_mctp_policy,
-			      NULL);
+	rc = nla_parse_nested_deprecated(tb, IFLA_MCTP_MAX, attr, ifla_af_mctp_policy,
+					 NULL);
 	if (rc)
 		return rc;
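
Review bot: the replaced call at the top of mctp_set_link_af should stay on the strict nla_parse_nested, because the failure described in the commit message comes from the sender leaving NLA_F_NESTED off the AF_MCTP attribute, not from the parser. As the replies establish, nla_type() masks with NLA_TYPE_MASK, so an attribute typed AF_MCTP | NLA_F_NESTED still resolves to mctp_af_ops at step (1) of do_setlink and then passes the strict check; the existing userspace linked in the thread already sends it that way. Suggest dropping this change and setting the flag in the iproute test code instead. If the call is changed anyway, the first added line runs past 80 columns once the tab indent is counted and needs rewrapping.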