| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 18 Sep 2023 13:07:26 +0530
From: Krishna Kurapati PSSNV <quic_kriskura@...cinc.com>
To: Greg Kroah-Hartman <gregkh@...uxfoundation.org>
CC: Linyu Yuan <quic_linyyuan@...cinc.com>,
Maciej Żenczykowski <maze@...gle.com>,
<linux-usb@...r.kernel.org>, <linux-kernel@...r.kernel.org>,
<quic_ppratap@...cinc.com>, <quic_wcheng@...cinc.com>,
<quic_jackp@...cinc.com>, <stable@...r.kernel.org>
Subject: Re: [PATCH v2] usb: gadget: ncm: Handle decoding of multiple NTB's in
unwrap call
On 9/17/2023 1:34 PM, Greg Kroah-Hartman wrote:
>> Cc: stable@...r.kernel.org
>
> What commit id does this fix?
>
Hi Greg,
This fixes the initial patch that added the driver:
9f6ce4240a2bf456402c15c06768059e5973f28c
>> Reviewed-by: Maciej Żenczykowski <maze@...gle.com>
>> Signed-off-by: Krishna Kurapati <quic_kriskura@...cinc.com>
>> ---
>> drivers/usb/gadget/function/f_ncm.c | 26 +++++++++++++++++++-------
>> 1 file changed, 19 insertions(+), 7 deletions(-)
>>
>> diff --git a/drivers/usb/gadget/function/f_ncm.c b/drivers/usb/gadget/function/f_ncm.c
>> index feccf4c8cc4f..f00f051438ec 100644
>> --- a/drivers/usb/gadget/function/f_ncm.c
>> +++ b/drivers/usb/gadget/function/f_ncm.c
>> @@ -1156,7 +1156,8 @@ static int ncm_unwrap_ntb(struct gether *port,
>> struct sk_buff_head *list)
>> {
>> struct f_ncm *ncm = func_to_ncm(&port->func);
>> - __le16 *tmp = (void *) skb->data;
>> + unsigned char *ntb_ptr = (void *) skb->data;
>
> Why persist with the extra ' ', didn't checkpatch complain about this?
>
> And why the cast at all?
>
My bad. I ran the checkpatch and got the following result:
kriskura@...kriskura-hyd:/local/mnt/workspace/krishna/510/testncm/kernel$
./scripts/checkpatch.pl --strict
0001-usb-gadget-ncm-Handle-decoding-of-multiple-NTB-s-in-.patch
WARNING: Prefer a maximum 75 chars per line (possible unwrapped commit
description?)
#12:
unwraps the obtained request data assuming only one NTB is present, we loose
CHECK: No space is necessary after a cast
#34: FILE: drivers/usb/gadget/function/f_ncm.c:1159:
+ unsigned char *ntb_ptr = (void *) skb->data;
CHECK: No space is necessary after a cast
#46: FILE: drivers/usb/gadget/function/f_ncm.c:1176:
+ tmp = (void *) ntb_ptr;
CHECK: No space is necessary after a cast
#93: FILE: drivers/usb/gadget/function/f_ncm.c:1329:
+ ntb_ptr = (unsigned char *) (ntb_ptr + block_len);
total: 0 errors, 1 warnings, 3 checks, 67 lines checked
I ignored the checks and saw only that errors are 0. Seems like I missed
fixing the commit text wrapping to 75 chars (On line 12 it has 76
chars). Will fix it up in v3.
As per the cast, I initially didn't add any cast and saw that the code
was not able to parse the dwSignature of the NTH and decoding of all
packets was failing. Only when I added the cast, was the function able
to decode all packets properly.
>> + __le16 *tmp;
>> unsigned index, index2;
>> int ndp_index;
>> unsigned dg_len, dg_len2;
>> @@ -1169,6 +1170,10 @@ static int ncm_unwrap_ntb(struct gether *port,
>> const struct ndp_parser_opts *opts = ncm->parser_opts;
>> unsigned crc_len = ncm->is_crc ? sizeof(uint32_t) : 0;
>> int dgram_counter;
>> + int to_process = skb->len;
>> +
>> +parse_ntb:
>> + tmp = (void *) ntb_ptr;
>
> Again, no blank space please.
>
> And why the cast?
>
the second cast here was just to be in sync with the original code;
__le16 *tmp = (void *) skb->data;
I didn't try removing this and running the test. Will check if the
second one is required or if decoding is proper without it or not.
Regards,
Krishna,
Powered by blists - more mailing lists