lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20251017-bizarre-enchanted-quokka-f3c704-mkl@pengutronix.de>
Date: Fri, 17 Oct 2025 15:27:56 +0200
From: Marc Kleine-Budde <mkl@...gutronix.de>
To: Vincent Mailhol <mailhol@...nel.org>
Cc: Oliver Hartkopp <socketcan@...tkopp.net>, 
	Stéphane Grosjean <stephane.grosjean@...-networks.com>, Robert Nawrath <mbro1689@...il.com>, 
	Minh Le <minh.le.aj@...esas.com>, Duy Nguyen <duy.nguyen.rh@...esas.com>, 
	linux-can@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH 1/9] can: dev: can_dev_dropped_skb: drop CAN FD skbs if
 FD is off

On 17.10.2025 10:28:38, Marc Kleine-Budde wrote:
> On 13.10.2025 20:01:23, Vincent Mailhol wrote:
> > Currently, the CAN FD skb validation logic is based on the MTU: the
> > interface is deemed FD capable if and only if its MTU is greater or
> > equal to CANFD_MTU.
> > 
> > This logic is showing its limit with the introduction of CAN XL. For
> > example, consider the two scenarios below:
> > 
> >   1. An interface configured with CAN FD on and CAN XL on
> > 
> >   2. An interface configured with CAN FD off and CAN XL on
> > 
> > In those two scenarios, the interfaces would have the same MTU:
> > 
> >   CANXL_MTU
> > 
> > making it impossible to differentiate which one has CAN FD turned on
> > and which one has it off.
> > 
> > Because of the limitation, the only non-UAPI-breaking workaround is to
> > do the check at the device level using the can_priv->ctrlmode flags.
> > Unfortunately, the virtual interfaces (vcan, vxcan), which do not have
> > a can_priv, are left behind.
> > 
> > Add a check on the CAN_CTRLMODE_FD flag in can_dev_dropped_skb() and
> > drop FD frames whenever the feature is turned off.
> > 
> > Signed-off-by: Vincent Mailhol <mailhol@...nel.org>
> 
> What about merging both can_dev_dropped_skb() an
> can_dropped_invalid_skb() in the skb.c, so that there is no stub in the
> header file anymore.

Ouch! Don't do this. We still need can_dropped_invalid_skb() for virtual
interfaces. See commit ae64438be192 ("can: dev: fix skb drop check").

But then I'm asking: Why is there the difference between virtual and
non-virtual interface in the first place? Can we get rid of it?

> Someone (i.e. me) used can_dropped_invalid_skb() in a driver, that means
> the check for CAN_CTRLMODE_LISTENONLY is missing :/ (I'll send a fix).

These drivers need this fix:

| drivers/net/can/bxcan.c:845:     if (can_dropped_invalid_skb(ndev, skb))
| drivers/net/can/esd/esdacc.c:257:        if (can_dropped_invalid_skb(netdev, skb))
| drivers/net/can/rockchip/rockchip_canfd-tx.c:75: if (can_dropped_invalid_skb(ndev, skb))

Marc

-- 
Pengutronix e.K.                 | Marc Kleine-Budde          |
Embedded Linux                   | https://www.pengutronix.de |
Vertretung Nürnberg              | Phone: +49-5121-206917-129 |
Amtsgericht Hildesheim, HRA 2686 | Fax:   +49-5121-206917-9   |

Download attachment "signature.asc" of type "application/pgp-signature" (489 bytes)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ