lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <ff21f8b9-0fe0-e6be-73d4-18b9f5bfd773@huawei.com>
Date:   Thu, 28 Oct 2021 15:33:21 +0800
From:   Zhang Changzhong <zhangchangzhong@...wei.com>
To:     Oleksij Rempel <o.rempel@...gutronix.de>
CC:     Robin van der Gracht <robin@...tonic.nl>,
        <linux-kernel@...r.kernel.org>,
        Oleksij Rempel <linux@...pel-privat.de>,
        <netdev@...r.kernel.org>, "Marc Kleine-Budde" <mkl@...gutronix.de>,
        <kernel@...gutronix.de>, Oliver Hartkopp <socketcan@...tkopp.net>,
        Jakub Kicinski <kuba@...nel.org>, <linux-can@...r.kernel.org>,
        "David S. Miller" <davem@...emloft.net>
Subject: Re: [PATCH net 2/3] can: j1939: j1939_can_recv(): ignore messages
 with invalid source address

On 2021/10/28 14:51, Oleksij Rempel wrote:
> Hi,
> 
> On Mon, Oct 25, 2021 at 03:30:57PM +0800, Zhang Changzhong wrote:
>> On 2021/10/22 18:23, Oleksij Rempel wrote:
>>> On Thu, Oct 21, 2021 at 10:04:16PM +0800, Zhang Changzhong wrote:
>>>> According to SAE-J1939-82 2015 (A.3.6 Row 2), a receiver should never
>>>> send TP.CM_CTS to the global address, so we can add a check in
>>>> j1939_can_recv() to drop messages with invalid source address.
>>>>
>>>> Fixes: 9d71dd0c7009 ("can: add support of SAE J1939 protocol")
>>>> Signed-off-by: Zhang Changzhong <zhangchangzhong@...wei.com>
>>>
>>> NACK. This will break Address Claiming, where first message is SA == 0xff
>>
>> I know that 0xfe can be used as a source address, but which message has a source
>> address of 0xff?
>>
>> According to SAE-J1939-81 2017 4.2.2.8:
>>
>>   The network address 255, also known as the Global address, is permitted in the
>>   Destination Address field of the SAE J1939 message identifier but never in the
>>   Source Address field.
> 
> You are right. Thx!
> 
> Are you using any testing frameworks?
> Can you please take a look here:
> https://github.com/linux-can/can-tests/tree/master/j1939
> 
> We are using this scripts for regression testing of some know bugs.

Great! I'll run these scripts before posting patches.

> 
>>
>>>
>>>> ---
>>>>  net/can/j1939/main.c | 4 ++++
>>>>  1 file changed, 4 insertions(+)
>>>>
>>>> diff --git a/net/can/j1939/main.c b/net/can/j1939/main.c
>>>> index 08c8606..4f1e4bb 100644
>>>> --- a/net/can/j1939/main.c
>>>> +++ b/net/can/j1939/main.c
>>>> @@ -75,6 +75,10 @@ static void j1939_can_recv(struct sk_buff *iskb, void *data)
>>>>  	skcb->addr.pgn = (cf->can_id >> 8) & J1939_PGN_MAX;
>>>>  	/* set default message type */
>>>>  	skcb->addr.type = J1939_TP;
>>>> +	if (!j1939_address_is_valid(skcb->addr.sa))
>>>> +		/* ignore messages whose sa is broadcast address */
>>>> +		goto done;
> 
> Please add some warning once message here. We wont to know if something bad
> is happening on the bus.

Will do. Thanks for your suggestions.

Regards,
Changzhong

> 
>>>> +
>>>>  	if (j1939_pgn_is_pdu1(skcb->addr.pgn)) {
>>>>  		/* Type 1: with destination address */
>>>>  		skcb->addr.da = skcb->addr.pgn;
>>>> -- 
>>>> 2.9.5
>>>>
>>>>
>>>>
>>>
>>
>>
> 
> Regards,
> Oleksij
> 

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ