| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <d058ef04-6858-51a7-20e2-95b4f971a32d@linaro.org>
Date: Fri, 26 May 2023 07:29:14 -0500
From: Alex Elder <elder@...aro.org>
To: Bert Karwatzki <spasswolf@....de>,
Alex Elder <alex.elder@...aro.org>
Cc: linux-kernel@...r.kernel.org
Subject: Re: IPA_STATUS_SIZE, commit b8dc7d0eea5a7709bb534f1b3ca70d2d7de0b42c
On 5/18/23 5:12 PM, Bert Karwatzki wrote:
> Am Mittwoch, dem 17.05.2023 um 16:35 -0500 schrieb Alex Elder:
>> On 5/12/23 8:04 AM, Bert Karwatzki wrote:
>>> commit b8dc7d0eea5a7709bb534f1b3ca70d2d7de0b42c
>>> Author: Alex Elder <elder@...aro.org>
>>> Date: Wed Jan 25 14:45:39 2023 -0600
>>>
>>> net: ipa: stop using sizeof(status)
>>>
>>> The IPA packet status structure changes in IPA v5.0 in ways
>>> that
>>> are
>>> difficult to represent cleanly. As a small step toward
>>> redefining
>>> it as a parsed block of data, use a constant to define its
>>> size,
>>> rather than the size of the IPA status structure type.
>>>
>>> Signed-off-by: Alex Elder <elder@...aro.org>
>>> Signed-off-by: David S. Miller <davem@...emloft.net>
>>>
>>> introduced the IPA_STATUS_SIZE constant as a replacent for
>>> sizeof(struct ipa_status). IPA_STATUS_SIZE is defined as
>>> sizeof(__le32[4]), but sizeof(struct ipa_status) =
>>> sizeof(__le32[8])
>>> and the newly introducded ipa_status_extract operates on 8 __le32
>>> words, so I wondered if IPA_STATUS_SIZE is correct.
>>
>> You are right to wonder about this. I think you have identified
>> a bug. It is a bug that most likely almost never matters (because
>> the status size is always proper--and not too small), but it is
>> a bug nevertheless.
>>
>> Would you like to provide a patch to fix this? Otherwise I can
>> do that, and I'll provide credit to you:
>>
>> Reported-by: Bert Karwatzki <spasswolf@....de>
>>
>> Please let me know. Thanks for inquiring about/reporting this.
>>
>> -Alex
>>
>>>
>>> Bert Karwatzki
>>
>
> Here's the patch that addresse the issue (if there's a > in front of
> the first From, that seems to be a quirk of evolution ...)
Your patch looks correct, and again I really appreciate your
finding and fixing it. Since the ipa_status structure is no
longer defined, I might now suggest just defining the value
as ((size_t)32), but that's not a big deal
To get your patch accepted, please re-send it, taking into
account the following:
- Make sure your patch is based on the upstream "net" branch:
Remote: git://git.kernel.org/pub/scm/linux/kernel/git/davem/net.git
Branch: main
(For this trivial fix this might not be critical.)
- Update your subject line, something like:
[PATCH net] net: ipa: use proper value for IPA_STATUS_SIZE
Be sure to include the "net" part; it indicates that the patch
is a bug fix and should be back-ported.
- Add a one or two sentence description in the patch header.
Something like:
A recent commit introduced the IPA_STATUS_SIZE constant as
a replacement for sizeof(struct ipa_status). IPA_STATUS_SIZE
was defined as sizeof(__le32[4]) (16 bytes), which is incorrect.
The actual size of that (since removed) structure was 32 bytes,
or sizeof(__le32[8]). Correct the incorrect value.
- At the end, add your sign-off:
Signed-off-by: Bert Karwatzki <spasswolf@....de>
- And on the line directly above your sign-off, add a "Fixed"
tag to indicate where the bug got introduced:
Fixes: b8dc7d0eea5a ("net: ipa: stop using sizeof(status)")
- Address the patch message to the network maintainers, who
can incorporate it into their current "net" branch, and
arrange for the fix to be back-ported to older stable
branches.
David S. Miller <davem@...emloft.net>
Eric Dumazet <edumazet@...gle.com>
Jakub Kicinski <kuba@...nel.org>
Paolo Abeni <pabeni@...hat.com>
- Carbon-copy me, and some mailing lists:
Alex Elder <elder@...aro.org>
netdev@...r.kernel.org
linux-arm-msm@...r.kernel.org
linux-kernel@...r.kernel.org
Once I receive the updated patch (assuming everything is
order), I will add my "Reviewed-by" and the network
maintainers can merge it and begin the process to get it
back-ported to earlier releases.
If you like, I can do all of this on your behalf. Provided
you give me your sign-off (i.e., just send me a message that
includes "Signed-off-by: Bert Karwatzki <spasswolf@....de>")
I can send it and will credit you for identifying the bug
and sending the fix.
-Alex
>
>
> From 583f35b3d91f048d413fc4f6a3b9237fc9d7efb2 Mon Sep 17 00:00:00 2001
> From: Bert Karwatzki <spasswolf@....de>
> Date: Fri, 19 May 2023 00:02:55 +0200
> Subject: [PATCH] Make IPA_STATUS_SIZE equal to the size of the remove
> struct
> ipa_status.
>
> ---
> drivers/net/ipa/ipa_endpoint.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/drivers/net/ipa/ipa_endpoint.c
> b/drivers/net/ipa/ipa_endpoint.c
> index 2ee80ed140b7..afa1d56d9095 100644
> --- a/drivers/net/ipa/ipa_endpoint.c
> +++ b/drivers/net/ipa/ipa_endpoint.c
> @@ -119,7 +119,7 @@ enum ipa_status_field_id {
> };
>
> /* Size in bytes of an IPA packet status structure */
> -#define IPA_STATUS_SIZE sizeof(__le32[4])
> +#define IPA_STATUS_SIZE sizeof(__le32[8])
>
> /* IPA status structure decoder; looks up field values for a structure
> */
> static u32 ipa_status_extract(struct ipa *ipa, const void *data,
Powered by blists - more mailing lists