lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:   Thu, 6 Aug 2020 10:27:42 +0800
From:   kernel test robot <lkp@...el.com>
To:     Rouven Czerwinski <r.czerwinski@...gutronix.de>,
        Boris Pismenny <borisp@...lanox.com>,
        Aviad Yehezkel <aviadye@...lanox.com>,
        John Fastabend <john.fastabend@...il.com>,
        Daniel Borkmann <daniel@...earbox.net>,
        Jakub Kicinski <kuba@...nel.org>,
        "David S. Miller" <davem@...emloft.net>
Cc:     kbuild-all@...ts.01.org, netdev@...r.kernel.org,
        Rouven Czerwinski <r.czerwinski@...gutronix.de>,
        linux-kernel@...r.kernel.org
Subject: Re: [PATCH 1/2] net: tls: add compat for get/setsockopt

Hi Rouven,

Thank you for the patch! Yet something to improve:

[auto build test ERROR on linus/master]
[also build test ERROR on v5.8]
[cannot apply to next-20200805]
[If your patch is applied to the wrong git tree, kindly drop us a note.
And when submitting patch, we suggest to use '--base' as documented in
https://git-scm.com/docs/git-format-patch]

url:    https://github.com/0day-ci/linux/commits/Rouven-Czerwinski/net-tls-add-compat-for-get-setsockopt/20200806-040123
base:   https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git ecfd7940b8641da6e41ca94eba36876dc2ba827b
config: i386-randconfig-s002-20200805 (attached as .config)
compiler: gcc-9 (Debian 9.3.0-15) 9.3.0
reproduce:
        # apt-get install sparse
        # sparse version: v0.6.2-117-g8c7aee71-dirty
        # save the attached .config to linux build tree
        make W=1 C=1 CF='-fdiagnostic-prefix -D__CHECK_ENDIAN__' ARCH=i386 

If you fix the issue, kindly add following tag as appropriate
Reported-by: kernel test robot <lkp@...el.com>

All errors (new ones prefixed by >>):

   net/tls/tls_main.c: In function 'tls_compat_getsockopt':
>> net/tls/tls_main.c:459:23: error: 'struct proto' has no member named 'compat_getsockopt'
     459 |   return ctx->sk_proto->compat_getsockopt(sk, level, optname,
         |                       ^~
   net/tls/tls_main.c: In function 'tls_compat_setsockopt':
>> net/tls/tls_main.c:632:23: error: 'struct proto' has no member named 'compat_setsockopt'
     632 |   return ctx->sk_proto->compat_setsockopt(sk, level, optname,
         |                       ^~
   At top level:
   net/tls/tls_main.c:626:12: warning: 'tls_compat_setsockopt' defined but not used [-Wunused-function]
     626 | static int tls_compat_setsockopt(struct sock *sk, int level, int optname,
         |            ^~~~~~~~~~~~~~~~~~~~~
   net/tls/tls_main.c:453:12: warning: 'tls_compat_getsockopt' defined but not used [-Wunused-function]
     453 | static int tls_compat_getsockopt(struct sock *sk, int level, int optname,
         |            ^~~~~~~~~~~~~~~~~~~~~

vim +459 net/tls/tls_main.c

   452	
   453	static int tls_compat_getsockopt(struct sock *sk, int level, int optname,
   454					 char __user *optval, int __user *optlen)
   455	{
   456		struct tls_context *ctx = tls_get_ctx(sk);
   457	
   458		if (level != SOL_TLS)
 > 459			return ctx->sk_proto->compat_getsockopt(sk, level, optname,
   460								optval, optlen);
   461	
   462		return do_tls_getsockopt(sk, optname, optval, optlen);
   463	}
   464	
   465	static int do_tls_setsockopt_conf(struct sock *sk, char __user *optval,
   466					  unsigned int optlen, int tx)
   467	{
   468		struct tls_crypto_info *crypto_info;
   469		struct tls_crypto_info *alt_crypto_info;
   470		struct tls_context *ctx = tls_get_ctx(sk);
   471		size_t optsize;
   472		int rc = 0;
   473		int conf;
   474	
   475		if (!optval || (optlen < sizeof(*crypto_info))) {
   476			rc = -EINVAL;
   477			goto out;
   478		}
   479	
   480		if (tx) {
   481			crypto_info = &ctx->crypto_send.info;
   482			alt_crypto_info = &ctx->crypto_recv.info;
   483		} else {
   484			crypto_info = &ctx->crypto_recv.info;
   485			alt_crypto_info = &ctx->crypto_send.info;
   486		}
   487	
   488		/* Currently we don't support set crypto info more than one time */
   489		if (TLS_CRYPTO_INFO_READY(crypto_info)) {
   490			rc = -EBUSY;
   491			goto out;
   492		}
   493	
   494		rc = copy_from_user(crypto_info, optval, sizeof(*crypto_info));
   495		if (rc) {
   496			rc = -EFAULT;
   497			goto err_crypto_info;
   498		}
   499	
   500		/* check version */
   501		if (crypto_info->version != TLS_1_2_VERSION &&
   502		    crypto_info->version != TLS_1_3_VERSION) {
   503			rc = -EINVAL;
   504			goto err_crypto_info;
   505		}
   506	
   507		/* Ensure that TLS version and ciphers are same in both directions */
   508		if (TLS_CRYPTO_INFO_READY(alt_crypto_info)) {
   509			if (alt_crypto_info->version != crypto_info->version ||
   510			    alt_crypto_info->cipher_type != crypto_info->cipher_type) {
   511				rc = -EINVAL;
   512				goto err_crypto_info;
   513			}
   514		}
   515	
   516		switch (crypto_info->cipher_type) {
   517		case TLS_CIPHER_AES_GCM_128:
   518			optsize = sizeof(struct tls12_crypto_info_aes_gcm_128);
   519			break;
   520		case TLS_CIPHER_AES_GCM_256: {
   521			optsize = sizeof(struct tls12_crypto_info_aes_gcm_256);
   522			break;
   523		}
   524		case TLS_CIPHER_AES_CCM_128:
   525			optsize = sizeof(struct tls12_crypto_info_aes_ccm_128);
   526			break;
   527		default:
   528			rc = -EINVAL;
   529			goto err_crypto_info;
   530		}
   531	
   532		if (optlen != optsize) {
   533			rc = -EINVAL;
   534			goto err_crypto_info;
   535		}
   536	
   537		rc = copy_from_user(crypto_info + 1, optval + sizeof(*crypto_info),
   538				    optlen - sizeof(*crypto_info));
   539		if (rc) {
   540			rc = -EFAULT;
   541			goto err_crypto_info;
   542		}
   543	
   544		if (tx) {
   545			rc = tls_set_device_offload(sk, ctx);
   546			conf = TLS_HW;
   547			if (!rc) {
   548				TLS_INC_STATS(sock_net(sk), LINUX_MIB_TLSTXDEVICE);
   549				TLS_INC_STATS(sock_net(sk), LINUX_MIB_TLSCURRTXDEVICE);
   550			} else {
   551				rc = tls_set_sw_offload(sk, ctx, 1);
   552				if (rc)
   553					goto err_crypto_info;
   554				TLS_INC_STATS(sock_net(sk), LINUX_MIB_TLSTXSW);
   555				TLS_INC_STATS(sock_net(sk), LINUX_MIB_TLSCURRTXSW);
   556				conf = TLS_SW;
   557			}
   558		} else {
   559			rc = tls_set_device_offload_rx(sk, ctx);
   560			conf = TLS_HW;
   561			if (!rc) {
   562				TLS_INC_STATS(sock_net(sk), LINUX_MIB_TLSRXDEVICE);
   563				TLS_INC_STATS(sock_net(sk), LINUX_MIB_TLSCURRRXDEVICE);
   564			} else {
   565				rc = tls_set_sw_offload(sk, ctx, 0);
   566				if (rc)
   567					goto err_crypto_info;
   568				TLS_INC_STATS(sock_net(sk), LINUX_MIB_TLSRXSW);
   569				TLS_INC_STATS(sock_net(sk), LINUX_MIB_TLSCURRRXSW);
   570				conf = TLS_SW;
   571			}
   572			tls_sw_strparser_arm(sk, ctx);
   573		}
   574	
   575		if (tx)
   576			ctx->tx_conf = conf;
   577		else
   578			ctx->rx_conf = conf;
   579		update_sk_prot(sk, ctx);
   580		if (tx) {
   581			ctx->sk_write_space = sk->sk_write_space;
   582			sk->sk_write_space = tls_write_space;
   583		} else {
   584			sk->sk_socket->ops = &tls_sw_proto_ops;
   585		}
   586		goto out;
   587	
   588	err_crypto_info:
   589		memzero_explicit(crypto_info, sizeof(union tls_crypto_context));
   590	out:
   591		return rc;
   592	}
   593	
   594	static int do_tls_setsockopt(struct sock *sk, int optname,
   595				     char __user *optval, unsigned int optlen)
   596	{
   597		int rc = 0;
   598	
   599		switch (optname) {
   600		case TLS_TX:
   601		case TLS_RX:
   602			lock_sock(sk);
   603			rc = do_tls_setsockopt_conf(sk, optval, optlen,
   604						    optname == TLS_TX);
   605			release_sock(sk);
   606			break;
   607		default:
   608			rc = -ENOPROTOOPT;
   609			break;
   610		}
   611		return rc;
   612	}
   613	
   614	static int tls_setsockopt(struct sock *sk, int level, int optname,
   615				  char __user *optval, unsigned int optlen)
   616	{
   617		struct tls_context *ctx = tls_get_ctx(sk);
   618	
   619		if (level != SOL_TLS)
   620			return ctx->sk_proto->setsockopt(sk, level, optname, optval,
   621							 optlen);
   622	
   623		return do_tls_setsockopt(sk, optname, optval, optlen);
   624	}
   625	
   626	static int tls_compat_setsockopt(struct sock *sk, int level, int optname,
   627					 char __user *optval, unsigned int optlen)
   628	{
   629		struct tls_context *ctx = tls_get_ctx(sk);
   630	
   631		if (level != SOL_TLS)
 > 632			return ctx->sk_proto->compat_setsockopt(sk, level, optname,
   633								optval, optlen);
   634	
   635		return do_tls_setsockopt(sk, optname, optval, optlen);
   636	}
   637	

---
0-DAY CI Kernel Test Service, Intel Corporation
https://lists.01.org/hyperkitty/list/kbuild-all@lists.01.org

Download attachment ".config.gz" of type "application/gzip" (34927 bytes)

Powered by blists - more mailing lists