lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Date:   Sat, 14 May 2022 23:16:46 +0900
From:   Vincent Mailhol <mailhol.vincent@...adoo.fr>
To:     Marc Kleine-Budde <mkl@...gutronix.de>
Cc:     linux-can@...r.kernel.org, linux-kernel@...r.kernel.org,
        Max Staudt <max@...as.org>,
        Oliver Hartkopp <socketcan@...tkopp.net>,
        netdev@...r.kernel.org,
        Vincent Mailhol <mailhol.vincent@...adoo.fr>
Subject: [PATCH v3 0/4] can: can_dropped_invalid_skb() and Kbuild changes

In listen only mode, tx CAN frames can still reach the driver if
injected via the packet socket. This series add a check toward
CAN_CTRLMODE_LISTENONLY in can_dropped_invalid_skb() to discard such
skb.

The fourth and last patch is the actual change. This goal cascaded in
the need to create other patches which will be explained in reverse
order.

The third patch migrates can_dropped_invalid_skb() and
can_skb_headroom_valid() from skb.h to skb.c. This preparation is
needed because skb.h does not include linux/can/dev.h (for struct
can_priv) and uapi/linux/can/netlink.h (for the definition of
CAN_CTRLMODE_LISTEONLY) which we need for this change. The function
being already big, better to de-inline them and move them to a .c
file.

The third patch would not work without some adjustment to Kbuild. VCAN
and VXCAN are users of can_dropped_invalid_skb() but do not depend on
CAN_DEV and thus would not see the symbols from skb.o if
CONFIG_CAN_DEV is not selected. c.f. kernel test robot report on the
v2 of this series [1]. The second patch modifies Kbuild to fix it.

slcan does not depend of can_dropped_invalid_skb() which would make it
the only driver with no dependencies on CAN_DEV. Because I wanted an
excuse to move all the driver under CAN_DEV in the second patch, the
first patch applies can_dropped_invalid_skb() to slcan to make it
dependent.

[1] https://lore.kernel.org/linux-can/202205141221.H0aZXRak-lkp@intel.com/


* Changelog *

v2 -> v3

  * Apply can_dropped_invalid_skb() to slcan.

  * Make vcan, vxcan and slcan dependent of CONFIG_CAN_DEV by
    modifying Kbuild.

  * fix small typos.

v1 -> v2

  * move can_dropped_invalid_skb() to skb.c instead of dev.h

  * also move can_skb_headroom_valid() to skb.c

Vincent Mailhol (4):
  can: slcan: use can_dropped_invalid_skb() instead of manual check
  can: Kconfig: change CAN_DEV into a menuconfig
  can: skb:: move can_dropped_invalid_skb and can_skb_headroom_valid to
    skb.c
  can: dev: drop tx skb if in listen only mode

 drivers/net/can/Kconfig   | 33 +++++++++++---------
 drivers/net/can/dev/skb.c | 65 +++++++++++++++++++++++++++++++++++++++
 drivers/net/can/slcan.c   |  4 +--
 include/linux/can/skb.h   | 59 +----------------------------------
 4 files changed, 87 insertions(+), 74 deletions(-)

-- 
2.35.1

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ