lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date:   Thu, 27 Oct 2022 11:59:26 +0200
From:   Petr Machata <petrm@...dia.com>
To:     <Daniel.Machon@...rochip.com>
CC:     <petrm@...dia.com>, <netdev@...r.kernel.org>,
        <davem@...emloft.net>, <maxime.chevallier@...tlin.com>,
        <thomas.petazzoni@...tlin.com>, <edumazet@...gle.com>,
        <kuba@...nel.org>, <pabeni@...hat.com>,
        <Lars.Povlsen@...rochip.com>, <Steen.Hegelund@...rochip.com>,
        <UNGLinuxDriver@...rochip.com>, <joe@...ches.com>,
        <linux@...linux.org.uk>, <Horatiu.Vultur@...rochip.com>,
        <Julia.Lawall@...ia.fr>, <vladimir.oltean@....com>,
        <linux-kernel@...r.kernel.org>,
        <linux-arm-kernel@...ts.infradead.org>
Subject: Re: [net-next v3 1/6] net: dcb: add new pcp selector to app object


<Daniel.Machon@...rochip.com> writes:

>> >> And vice versa: I'm not sure we want to permit sending the standard
>> >> attributes in the DCB encap.
>> >
>> > dcbnl_app_attr_type_get() in dcbnl_ieee_fill() takes care of this. IEEE are
>> > always sent in DCB_ATTR_IEEE and non-std are sent in DCB_ATTR_DCB.
>> 
>> By "sending" I meant userspace sending this to the kernel. So bounce
>> extended opcodes that are wrapped in IEEE and bounce IEEE opcodes
>> wrapped in DCB as well.
>
> Right. Then we only need to decide what to do with any opcode in-between
> (not defined in uapi, neither ieee or extension opcode, 7-254). If they are 
> sent in DCB_ATTR_DCB they should be bounced, because we agreed that we can 
> interpret data in the new attr), _but_ if they are sent in DCB_ATTR_IEEE I 
> guess we should accept them, to not break userspace that is already sending
> them.

I see, it's not currently validating at all. It just relies on the
driver to do the validation, but e.g. bnxt_dcbnl_ieee_setapp(), just
lets nonsense right through.

OK, but this interface is built on standards. The selector has a
well-defined, IEEE-backed meaning with enumerators published in the UAPI
headers. As before, even though this constitutes API breakage, IMHO if
anyone relies on shoving random garbage through this interface, it's on
them...

I think it's kosher to start bouncing undefined selectors.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ