lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <a890ac60-0562-48c3-9aa1-eb06ec21c69d@quicinc.com>
Date:   Mon, 18 Sep 2023 13:07:26 +0530
From:   Krishna Kurapati PSSNV <quic_kriskura@...cinc.com>
To:     Greg Kroah-Hartman <gregkh@...uxfoundation.org>
CC:     Linyu Yuan <quic_linyyuan@...cinc.com>,
        Maciej Żenczykowski <maze@...gle.com>,
        <linux-usb@...r.kernel.org>, <linux-kernel@...r.kernel.org>,
        <quic_ppratap@...cinc.com>, <quic_wcheng@...cinc.com>,
        <quic_jackp@...cinc.com>, <stable@...r.kernel.org>
Subject: Re: [PATCH v2] usb: gadget: ncm: Handle decoding of multiple NTB's in
 unwrap call



On 9/17/2023 1:34 PM, Greg Kroah-Hartman wrote:
>> Cc: stable@...r.kernel.org
> 
> What commit id does this fix?
> 

Hi Greg,

This fixes the initial patch that added the driver:
9f6ce4240a2bf456402c15c06768059e5973f28c

>> Reviewed-by: Maciej Żenczykowski <maze@...gle.com>
>> Signed-off-by: Krishna Kurapati <quic_kriskura@...cinc.com>
>> ---
>>   drivers/usb/gadget/function/f_ncm.c | 26 +++++++++++++++++++-------
>>   1 file changed, 19 insertions(+), 7 deletions(-)
>>
>> diff --git a/drivers/usb/gadget/function/f_ncm.c b/drivers/usb/gadget/function/f_ncm.c
>> index feccf4c8cc4f..f00f051438ec 100644
>> --- a/drivers/usb/gadget/function/f_ncm.c
>> +++ b/drivers/usb/gadget/function/f_ncm.c
>> @@ -1156,7 +1156,8 @@ static int ncm_unwrap_ntb(struct gether *port,
>>   			  struct sk_buff_head *list)
>>   {
>>   	struct f_ncm	*ncm = func_to_ncm(&port->func);
>> -	__le16		*tmp = (void *) skb->data;
>> +	unsigned char	*ntb_ptr = (void *) skb->data;
> 
> Why persist with the extra ' ', didn't checkpatch complain about this?
> 
> And why the cast at all?
> 
My bad. I ran the checkpatch and got the following result:

kriskura@...kriskura-hyd:/local/mnt/workspace/krishna/510/testncm/kernel$ 
./scripts/checkpatch.pl --strict 
0001-usb-gadget-ncm-Handle-decoding-of-multiple-NTB-s-in-.patch
WARNING: Prefer a maximum 75 chars per line (possible unwrapped commit 
description?)
#12:
unwraps the obtained request data assuming only one NTB is present, we loose

CHECK: No space is necessary after a cast
#34: FILE: drivers/usb/gadget/function/f_ncm.c:1159:
+       unsigned char   *ntb_ptr = (void *) skb->data;

CHECK: No space is necessary after a cast
#46: FILE: drivers/usb/gadget/function/f_ncm.c:1176:
+       tmp = (void *) ntb_ptr;

CHECK: No space is necessary after a cast
#93: FILE: drivers/usb/gadget/function/f_ncm.c:1329:
+               ntb_ptr = (unsigned char *) (ntb_ptr + block_len);

total: 0 errors, 1 warnings, 3 checks, 67 lines checked


I ignored the checks and saw only that errors are 0. Seems like I missed 
fixing the commit text wrapping to 75 chars (On line 12 it has 76 
chars). Will fix it up in v3.

As per the cast, I initially didn't add any cast and saw that the code 
was not able to parse the dwSignature of the NTH and decoding of all 
packets was failing. Only when I added the cast, was the function able 
to decode all packets properly.

>> +	__le16		*tmp;
>>   	unsigned	index, index2;
>>   	int		ndp_index;
>>   	unsigned	dg_len, dg_len2;
>> @@ -1169,6 +1170,10 @@ static int ncm_unwrap_ntb(struct gether *port,
>>   	const struct ndp_parser_opts *opts = ncm->parser_opts;
>>   	unsigned	crc_len = ncm->is_crc ? sizeof(uint32_t) : 0;
>>   	int		dgram_counter;
>> +	int		to_process = skb->len;
>> +
>> +parse_ntb:
>> +	tmp = (void *) ntb_ptr;
> 
> Again, no blank space please.
> 
> And why the cast?
> 
the second cast here was just to be in sync with the original code;
__le16		*tmp = (void *) skb->data;

I didn't try removing this and running the test. Will check if the 
second one is required or if decoding is proper without it or not.

Regards,
Krishna,

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ