lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20251017-determined-jackdaw-of-painting-e2ff64-mkl@pengutronix.de>
Date: Fri, 17 Oct 2025 10:28:38 +0200
From: Marc Kleine-Budde <mkl@...gutronix.de>
To: Vincent Mailhol <mailhol@...nel.org>
Cc: Oliver Hartkopp <socketcan@...tkopp.net>, 
	Stéphane Grosjean <stephane.grosjean@...-networks.com>, Robert Nawrath <mbro1689@...il.com>, 
	Minh Le <minh.le.aj@...esas.com>, Duy Nguyen <duy.nguyen.rh@...esas.com>, 
	linux-can@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH 1/9] can: dev: can_dev_dropped_skb: drop CAN FD skbs if
 FD is off

On 13.10.2025 20:01:23, Vincent Mailhol wrote:
> Currently, the CAN FD skb validation logic is based on the MTU: the
> interface is deemed FD capable if and only if its MTU is greater or
> equal to CANFD_MTU.
> 
> This logic is showing its limit with the introduction of CAN XL. For
> example, consider the two scenarios below:
> 
>   1. An interface configured with CAN FD on and CAN XL on
> 
>   2. An interface configured with CAN FD off and CAN XL on
> 
> In those two scenarios, the interfaces would have the same MTU:
> 
>   CANXL_MTU
> 
> making it impossible to differentiate which one has CAN FD turned on
> and which one has it off.
> 
> Because of the limitation, the only non-UAPI-breaking workaround is to
> do the check at the device level using the can_priv->ctrlmode flags.
> Unfortunately, the virtual interfaces (vcan, vxcan), which do not have
> a can_priv, are left behind.
> 
> Add a check on the CAN_CTRLMODE_FD flag in can_dev_dropped_skb() and
> drop FD frames whenever the feature is turned off.
> 
> Signed-off-by: Vincent Mailhol <mailhol@...nel.org>

What about merging both can_dev_dropped_skb() an
can_dropped_invalid_skb() in the skb.c, so that there is no stub in the
header file anymore.

Someone (i.e. me) used can_dropped_invalid_skb() in a driver, that means
the check for CAN_CTRLMODE_LISTENONLY is missing :/ (I'll send a fix).

regards,
Marc

-- 
Pengutronix e.K.                 | Marc Kleine-Budde          |
Embedded Linux                   | https://www.pengutronix.de |
Vertretung Nürnberg              | Phone: +49-5121-206917-129 |
Amtsgericht Hildesheim, HRA 2686 | Fax:   +49-5121-206917-9   |

Download attachment "signature.asc" of type "application/pgp-signature" (489 bytes)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ