lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <29C1DC0826876849BDD9F1C67ABA29430728D116@ala-mail09.corp.ad.wrs.com>
Date:	Mon, 8 Mar 2010 12:48:38 -0800
From:	"Stephens, Allan" <allan.stephens@...driver.com>
To:	"Neil Horman" <nhorman@...driver.com>, <davem@...emloft.net>
Cc:	<netdev@...r.kernel.org>
Subject: RE: [PATCH] tipc: fix endianness on tipc subscriber messages

Hi there:

There are a couple of problems with this patch that need to be resolved
before it can be applied to the upstream kernel.

1) Neil's replacement of the htohl() call with the equivalent
htonl()/ntohl() calls, while well intentioned, was done without
understanding why the htohl() calls were put there in the first place.
In addition, the TIPC specification that he used to justify some of his
decisions is out-dated, and doesn't reflect the latest version of the
TIPC protocol.  (I'll discuss this further in a follow-up email.)

2) Neil's alteration of the memcpy() in the subscription cancelation
routine is simply wrong.  The pieces of the data structure that he
claims are local are not local, and must be checked to ensure that the
cancellation is done properly.

I'm also surprised to see that this patch was immediately applied to
net-2.6.  First, there was no opportunity given for people to comment on
the patch.  Secondly, I would have expected this patch to be applied to
net-next-2.6, since the functionality being changed here (at least the
first part of it) is more like a feature enhancement than a bug fix.  Am
I misunderstanding the process being followed here?  If so, please
explain ...

Regards,
Al

> -----Original Message-----
> From: Neil Horman [mailto:nhorman@...driver.com] 
> Sent: Monday, March 08, 2010 3:03 PM
> To: netdev@...r.kernel.org
> Cc: Stephens, Allan; davem@...emloft.net; nhorman@...driver.com
> Subject: [PATCH] tipc: fix endianness on tipc subscriber messages
> 
> Remove htohl implementation from tipc
> 
> I was working on forward porting the downstream commits for 
> TIPC and ran accross this one:
> http://tipc.cslab.ericsson.net/cgi-bin/gitweb.cgi?p=people/all
> an/tipc.git;a=commitdiff;h=894279b9437b63cbb02405ad5b8e033b51e4e31e
> 
> I was going to just take it, when I looked closer and noted 
> what it was doing.
> This is basically a routine to byte swap fields of data in 
> sent/received packets for tipc, dependent upon the receivers 
> guessed endianness of the peer when a connection is 
> established.  Asside from just seeming silly to me, it 
> appears to violate the latest RFC draft for tipc:
> http://tipc.sourceforge.net/doc/draft-spec-tipc-02.txt
> Which, according to section 4.2 and 4.3.3, requires that all 
> fields of all commands be sent in network byte order.  So 
> instead of just taking this patch, instead I'm removing the 
> htohl function and replacing the calls with calls to ntohl in 
> the rx path and htonl in the send path.
> 
> As part of this fix, I'm also changing the subscr_cancel 
> function, which searches the list of subscribers, using a 
> memcmp of the entire subscriber list, for the entry to tear 
> down.  unfortunately it memcmps the entire tipc_subscr 
> structure which has several bits that are private to the 
> local side, so nothing will ever match.  section 5.2 of the 
> draft spec indicates the <type,upper,lower> tuple should 
> uniquely identify a subscriber, so convert subscr_cancel to 
> just match on those fields (properly endian swapped).
> 
> I've tested this using the tipc test suite, and its passed 
> without issue.
> 
> Signed-off-by: Neil Horman <nhorman@...driver.com>
> CC: Allan Stephens <allan.stephens@...driver.com>
> 
> 
>  subscr.c |   57 
> ++++++++++++++++++++++-----------------------------------
>  subscr.h |    2 --
>  2 files changed, 22 insertions(+), 37 deletions(-)
> 
> diff --git a/net/tipc/subscr.c b/net/tipc/subscr.c index 
> ac91f0d..ff123e5 100644
> --- a/net/tipc/subscr.c
> +++ b/net/tipc/subscr.c
> @@ -76,19 +76,6 @@ struct top_srv {
>  static struct top_srv topsrv = { 0 };
>  
>  /**
> - * htohl - convert value to endianness used by destination
> - * @in: value to convert
> - * @swap: non-zero if endianness must be reversed
> - *
> - * Returns converted value
> - */
> -
> -static u32 htohl(u32 in, int swap)
> -{
> -	return swap ? swab32(in) : in;
> -}
> -
> -/**
>   * subscr_send_event - send a message containing a 
> tipc_event to the subscriber
>   *
>   * Note: Must not hold subscriber's server port lock, since 
> tipc_send() will @@ -107,11 +94,11 @@ static void 
> subscr_send_event(struct subscription *sub,
>  	msg_sect.iov_base = (void *)&sub->evt;
>  	msg_sect.iov_len = sizeof(struct tipc_event);
>  
> -	sub->evt.event = htohl(event, sub->swap);
> -	sub->evt.found_lower = htohl(found_lower, sub->swap);
> -	sub->evt.found_upper = htohl(found_upper, sub->swap);
> -	sub->evt.port.ref = htohl(port_ref, sub->swap);
> -	sub->evt.port.node = htohl(node, sub->swap);
> +	sub->evt.event = htonl(event);
> +	sub->evt.found_lower = htonl(found_lower);
> +	sub->evt.found_upper = htonl(found_upper);
> +	sub->evt.port.ref = htonl(port_ref);
> +	sub->evt.port.node = htonl(node);
>  	tipc_send(sub->server_ref, 1, &msg_sect);  }
>  
> @@ -287,16 +274,23 @@ static void subscr_cancel(struct 
> tipc_subscr *s,  {
>  	struct subscription *sub;
>  	struct subscription *sub_temp;
> +	__u32 type, lower, upper;
>  	int found = 0;
>  
>  	/* Find first matching subscription, exit if not found */
>  
> +	type = ntohl(s->seq.type);
> +	lower = ntohl(s->seq.lower);
> +	upper = ntohl(s->seq.upper);
> +
>  	list_for_each_entry_safe(sub, sub_temp, 
> &subscriber->subscription_list,
>  				 subscription_list) {
> -		if (!memcmp(s, &sub->evt.s, sizeof(struct 
> tipc_subscr))) {
> -			found = 1;
> -			break;
> -		}
> +			if ((type == sub->seq.type) &&
> +			    (lower == sub->seq.lower) &&
> +			    (upper == sub->seq.upper)) {
> +				found = 1;
> +				break;
> +			}
>  	}
>  	if (!found)
>  		return;
> @@ -325,16 +319,10 @@ static struct subscription 
> *subscr_subscribe(struct tipc_subscr *s,
>  					     struct subscriber 
> *subscriber)  {
>  	struct subscription *sub;
> -	int swap;
> -
> -	/* Determine subscriber's endianness */
> -
> -	swap = !(s->filter & (TIPC_SUB_PORTS | TIPC_SUB_SERVICE));
>  
>  	/* Detect & process a subscription cancellation request */
>  
> -	if (s->filter & htohl(TIPC_SUB_CANCEL, swap)) {
> -		s->filter &= ~htohl(TIPC_SUB_CANCEL, swap);
> +	if (ntohl(s->filter) & TIPC_SUB_CANCEL) {
>  		subscr_cancel(s, subscriber);
>  		return NULL;
>  	}
> @@ -359,11 +347,11 @@ static struct subscription 
> *subscr_subscribe(struct tipc_subscr *s,
>  
>  	/* Initialize subscription object */
>  
> -	sub->seq.type = htohl(s->seq.type, swap);
> -	sub->seq.lower = htohl(s->seq.lower, swap);
> -	sub->seq.upper = htohl(s->seq.upper, swap);
> -	sub->timeout = htohl(s->timeout, swap);
> -	sub->filter = htohl(s->filter, swap);
> +	sub->seq.type = ntohl(s->seq.type);
> +	sub->seq.lower = ntohl(s->seq.lower);
> +	sub->seq.upper = ntohl(s->seq.upper);
> +	sub->timeout = ntohl(s->timeout);
> +	sub->filter = ntohl(s->filter);
>  	if ((!(sub->filter & TIPC_SUB_PORTS) ==
>  	     !(sub->filter & TIPC_SUB_SERVICE)) ||
>  	    (sub->seq.lower > sub->seq.upper)) { @@ -376,7 
> +364,6 @@ static struct subscription *subscr_subscribe(struct 
> tipc_subscr *s,
>  	INIT_LIST_HEAD(&sub->nameseq_list);
>  	list_add(&sub->subscription_list, 
> &subscriber->subscription_list);
>  	sub->server_ref = subscriber->port_ref;
> -	sub->swap = swap;
>  	memcpy(&sub->evt.s, s, sizeof(struct tipc_subscr));
>  	atomic_inc(&topsrv.subscription_count);
>  	if (sub->timeout != TIPC_WAIT_FOREVER) { diff --git 
> a/net/tipc/subscr.h b/net/tipc/subscr.h index 45d89bf..c20f496 100644
> --- a/net/tipc/subscr.h
> +++ b/net/tipc/subscr.h
> @@ -53,7 +53,6 @@ typedef void (*tipc_subscr_event) (struct 
> subscription *sub,
>   * @nameseq_list: adjacent subscriptions in name sequence's 
> subscription list
>   * @subscription_list: adjacent subscriptions in 
> subscriber's subscription list
>   * @server_ref: object reference of server port associated 
> with subscription
> - * @swap: indicates if subscriber uses opposite endianness 
> in its messages
>   * @evt: template for events generated by subscription
>   */
>  
> @@ -66,7 +65,6 @@ struct subscription {
>  	struct list_head nameseq_list;
>  	struct list_head subscription_list;
>  	u32 server_ref;
> -	int swap;
>  	struct tipc_event evt;
>  };
>  
> 
--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists