Date:   Fri, 26 May 2023 07:29:14 -0500
From:   Alex Elder <elder@...aro.org>
To:     Bert Karwatzki <spasswolf@....de>,
        Alex Elder <alex.elder@...aro.org>
Cc:     linux-kernel@...r.kernel.org
Subject: Re: IPA_STATUS_SIZE, commit b8dc7d0eea5a7709bb534f1b3ca70d2d7de0b42c

On 5/18/23 5:12 PM, Bert Karwatzki wrote:
> On Wednesday, 17.05.2023 at 16:35 -0500, Alex Elder wrote:
>> On 5/12/23 8:04 AM, Bert Karwatzki wrote:
>>> commit b8dc7d0eea5a7709bb534f1b3ca70d2d7de0b42c
>>> Author: Alex Elder <elder@...aro.org>
>>> Date:   Wed Jan 25 14:45:39 2023 -0600
>>>
>>>       net: ipa: stop using sizeof(status)
>>>       
>>>       The IPA packet status structure changes in IPA v5.0 in ways that are
>>>       difficult to represent cleanly.  As a small step toward redefining
>>>       it as a parsed block of data, use a constant to define its size,
>>>       rather than the size of the IPA status structure type.
>>>       
>>>       Signed-off-by: Alex Elder <elder@...aro.org>
>>>       Signed-off-by: David S. Miller <davem@...emloft.net>
>>>
>>> introduced the IPA_STATUS_SIZE constant as a replacement for
>>> sizeof(struct ipa_status). IPA_STATUS_SIZE is defined as
>>> sizeof(__le32[4]), but sizeof(struct ipa_status) = sizeof(__le32[8])
>>> and the newly introduced ipa_status_extract operates on 8 __le32
>>> words, so I wondered if IPA_STATUS_SIZE is correct.
>>
>> You are right to wonder about this.  I think you have identified
>> a bug.  It is a bug that most likely almost never matters (because
>> the status size is always proper--and not too small), but it is
>> a bug nevertheless.
>>
>> Would you like to provide a patch to fix this?  Otherwise I can
>> do that, and I'll provide credit to you:
>>
>>       Reported-by: Bert Karwatzki <spasswolf@....de>
>>
>> Please let me know.  Thanks for inquiring about/reporting this.
>>
>>                                          -Alex
>>
>>>
>>> Bert Karwatzki
>>
> 
> Here's the patch that addresses the issue (if there's a > in front of
> the first From, that seems to be a quirk of evolution ...)

Your patch looks correct, and again I really appreciate your
finding and fixing it.  Since the ipa_status structure is no
longer defined, I might now suggest just defining the value
as ((size_t)32), but that's not a big deal.

To get your patch accepted, please re-send it, taking into
account the following:
- Make sure your patch is based on the upstream "net" branch:
     Remote: git://git.kernel.org/pub/scm/linux/kernel/git/davem/net.git
     Branch: main
   (For this trivial fix this might not be critical.)
- Update your subject line, something like:
     [PATCH net] net: ipa: use proper value for IPA_STATUS_SIZE
   Be sure to include the "net" part; it indicates that the patch
   is a bug fix and should be back-ported.
- Add a one or two sentence description in the patch header.
   Something like:
     A recent commit introduced the IPA_STATUS_SIZE constant as
     a replacement for sizeof(struct ipa_status).  IPA_STATUS_SIZE
     was defined as sizeof(__le32[4]) (16 bytes), which is incorrect.
     The actual size of that (since removed) structure was 32 bytes,
     or sizeof(__le32[8]).  Correct the incorrect value.
- At the end, add your sign-off:
     Signed-off-by: Bert Karwatzki <spasswolf@....de>
- And on the line directly above your sign-off, add a "Fixed"
   tag to indicate where the bug got introduced:
     Fixes: b8dc7d0eea5a ("net: ipa: stop using sizeof(status)")
- Address the patch message to the network maintainers, who
   can incorporate it into their current "net" branch, and
   arrange for the fix to be back-ported to older stable
   branches.
     David S. Miller <davem@...emloft.net>
     Eric Dumazet <edumazet@...gle.com>
     Jakub Kicinski <kuba@...nel.org>
     Paolo Abeni <pabeni@...hat.com>
- Carbon-copy me, and some mailing lists:
     Alex Elder <elder@...aro.org>
     netdev@...r.kernel.org
     linux-arm-msm@...r.kernel.org
     linux-kernel@...r.kernel.org

Once I receive the updated patch (assuming everything is
in order), I will add my "Reviewed-by" and the network
maintainers can merge it and begin the process to get it
back-ported to earlier releases.

If you like, I can do all of this on your behalf.  Provided
you give me your sign-off (i.e., just send me a message that
includes "Signed-off-by: Bert Karwatzki <spasswolf@....de>")
I can send it and will credit you for identifying the bug
and sending the fix.

					-Alex


> 
> 
>  From 583f35b3d91f048d413fc4f6a3b9237fc9d7efb2 Mon Sep 17 00:00:00 2001
> From: Bert Karwatzki <spasswolf@....de>
> Date: Fri, 19 May 2023 00:02:55 +0200
> Subject: [PATCH] Make IPA_STATUS_SIZE equal to the size of the remove
> struct
>   ipa_status.
> 
> ---
>   drivers/net/ipa/ipa_endpoint.c | 2 +-
>   1 file changed, 1 insertion(+), 1 deletion(-)
> 
> diff --git a/drivers/net/ipa/ipa_endpoint.c
> b/drivers/net/ipa/ipa_endpoint.c
> index 2ee80ed140b7..afa1d56d9095 100644
> --- a/drivers/net/ipa/ipa_endpoint.c
> +++ b/drivers/net/ipa/ipa_endpoint.c
> @@ -119,7 +119,7 @@ enum ipa_status_field_id {
>   };
>   
>   /* Size in bytes of an IPA packet status structure */
> -#define IPA_STATUS_SIZE			sizeof(__le32[4])
> +#define IPA_STATUS_SIZE			sizeof(__le32[8])
>   
>   /* IPA status structure decoder; looks up field values for a structure
> */
>   static u32 ipa_status_extract(struct ipa *ipa, const void *data,
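
Review bot: the replacement value in "#define IPA_STATUS_SIZE sizeof(__le32[8])" is still a bare word count with nothing in the hunk tying it to the words that ipa_status_extract() decodes, and the comment above it still refers to an "IPA packet status structure" that, per the thread, is no longer defined. Consider extending that comment to say the status block is eight __le32 words (32 bytes) as read by the decoder, so the size check and the decoder cannot drift apart again. The patch header also has an empty description and no Fixes: or Signed-off-by: line, which the reply above asks for.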

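The size mismatch discussed in this thread, shown as an added example that is not the ipa driver's code and not part of the original message: a length guard built from a 4-word constant admits a 16-byte buffer that a decoder reading 8 words would run past. All names (`STATUS_WORDS`, `parse_status`, `load_le32`) and the placement of a field in the last word are hypothetical.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define STATUS_WORDS      8u                                /* words the decoder reads (from the thread) */
#define STATUS_SIZE_OLD   (4u * sizeof(uint32_t))           /* 16 bytes: the value being fixed */
#define STATUS_SIZE_FIXED (STATUS_WORDS * sizeof(uint32_t)) /* 32 bytes: the corrected value */

_Static_assert(STATUS_SIZE_FIXED == 32, "size constant must cover every decoded word");

enum { PARSE_OK = 0, PARSE_TOO_SHORT = -1, PARSE_PAST_END = -2 };

/* Bounds-checked little-endian load of 32-bit word idx from buf[0..len). */
static int load_le32(const uint8_t *buf, size_t len, size_t idx, uint32_t *out)
{
	if (idx >= STATUS_WORDS || (idx + 1) * sizeof(uint32_t) > len)
		return -1;
	buf += idx * sizeof(uint32_t);
	*out = (uint32_t)buf[0] | (uint32_t)buf[1] << 8 |
	       (uint32_t)buf[2] << 16 | (uint32_t)buf[3] << 24;
	return 0;
}

/* Apply the caller's length guard (status_size), then decode a field that
 * this example places in the last word (hypothetical layout). */
static int parse_status(const uint8_t *buf, size_t len,
			size_t status_size, uint32_t *field)
{
	if (len < status_size)
		return PARSE_TOO_SHORT;	/* rejected up front by the guard */
	if (load_le32(buf, len, STATUS_WORDS - 1, field))
		return PARSE_PAST_END;	/* guard passed, decoder would overrun */
	return PARSE_OK;
}

int main(void)
{
	uint8_t full[32] = { [28] = 0x78, 0x56, 0x34, 0x12 };	/* constructed sample */
	uint32_t v = 0;
	int r;

	printf("16 bytes, 4-word guard: %d\n", parse_status(full, 16, STATUS_SIZE_OLD, &v));
	printf("16 bytes, 8-word guard: %d\n", parse_status(full, 16, STATUS_SIZE_FIXED, &v));
	r = parse_status(full, 32, STATUS_SIZE_FIXED, &v);
	printf("32 bytes, 8-word guard: %d (field 0x%08x)\n", r, (unsigned)v);
	return 0;
}
```

With the 4-word constant the short buffer is only caught by the per-word bounds check; with the 8-word constant it is rejected before any decoding starts.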