lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20251017-fierce-orangutan-of-happiness-180503-mkl@pengutronix.de>
Date: Fri, 17 Oct 2025 17:34:41 +0200
From: Marc Kleine-Budde <mkl@...gutronix.de>
To: Vincent Mailhol <mailhol@...nel.org>
Cc: Oliver Hartkopp <socketcan@...tkopp.net>, 
	Stéphane Grosjean <stephane.grosjean@...-networks.com>, Robert Nawrath <mbro1689@...il.com>, 
	Minh Le <minh.le.aj@...esas.com>, Duy Nguyen <duy.nguyen.rh@...esas.com>, 
	linux-can@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH 1/9] can: dev: can_dev_dropped_skb: drop CAN FD skbs if
 FD is off

On 18.10.2025 00:30:45, Vincent Mailhol wrote:
> >> What about merging both can_dev_dropped_skb() an
> >> can_dropped_invalid_skb() in the skb.c, so that there is no stub in the
> >> header file anymore.
> > 
> > Ouch! Don't do this. We still need can_dropped_invalid_skb() for virtual
> > interfaces. See commit ae64438be192 ("can: dev: fix skb drop check").
> 
> Exactly!
> 
> > But then I'm asking: Why is there the difference between virtual and
> > non-virtual interface in the first place? Can we get rid of it?
> 
> The fact is that:
> 
>   - We need a function for the physical interfaces to check the
>     CAN_CTRLMODE_LISTENONLY, i.e. with an access to struct can_priv.
> 
>   - We need a similar function but which work for the virtual
>     interfaces which do not have a can_priv member.
> 
> So unless we do a major code refactor so that the virtual interfaces,
> I do not see how we could get rid of it.

Ack...There are more interesting/important tasks.

> >> Someone (i.e. me) used can_dropped_invalid_skb() in a driver, that means
> >> the check for CAN_CTRLMODE_LISTENONLY is missing :/ (I'll send a fix).
> 
> At least, this does not seem like a security breach like it was the
> case for the missing net_device_ops->ndo_change_mtu().
> 
> > These drivers need this fix:
> > 
> > | drivers/net/can/bxcan.c:845:     if (can_dropped_invalid_skb(ndev, skb))
> > | drivers/net/can/esd/esdacc.c:257:        if (can_dropped_invalid_skb(netdev, skb))
> > | drivers/net/can/rockchip/rockchip_canfd-tx.c:75: if (can_dropped_invalid_skb(ndev, skb))
> 
> Yeah, I think that this is a pitfall, but at the same time, I do not
> see how to get rid of this can_dev_dropped_skb() and
> can_dropped_invalid_skb() pair. The best I can think of it to be
> careful on this problem doing the code review now that we are aware
> about it.

Ack.

regards,
Marc

-- 
Pengutronix e.K.                 | Marc Kleine-Budde          |
Embedded Linux                   | https://www.pengutronix.de |
Vertretung Nürnberg              | Phone: +49-5121-206917-129 |
Amtsgericht Hildesheim, HRA 2686 | Fax:   +49-5121-206917-9   |

Download attachment "signature.asc" of type "application/pgp-signature" (489 bytes)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ