| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Sun, 17 Jul 2022 16:18:56 +0200
From: Guillaume Nault <gnault@...hat.com>
To: Marcin Szycik <marcin.szycik@...ux.intel.com>
Cc: netdev@...r.kernel.org, anthony.l.nguyen@...el.com,
davem@...emloft.net, xiyou.wangcong@...il.com,
jesse.brandeburg@...el.com, gustavoars@...nel.org,
baowen.zheng@...igine.com, boris.sukholitko@...adcom.com,
edumazet@...gle.com, kuba@...nel.org, jhs@...atatu.com,
jiri@...nulli.us, kurt@...utronix.de, pablo@...filter.org,
pabeni@...hat.com, paulb@...dia.com, simon.horman@...igine.com,
komachi.yoshiki@...il.com, zhangkaiheb@....com,
intel-wired-lan@...ts.osuosl.org,
michal.swiatkowski@...ux.intel.com, wojciech.drewek@...el.com,
alexandr.lobakin@...el.com, mostrows@...akeasy.net,
paulus@...ba.org
Subject: Re: [RFC PATCH net-next v5 1/4] flow_dissector: Add PPPoE dissectors
On Fri, Jul 15, 2022 at 03:04:27PM +0200, Marcin Szycik wrote:
> +/**
> + * is_ppp_proto_supported - checks if inner PPP protocol should be dissected
> + * @proto: protocol type (PPP proto field)
> + */
> +static bool is_ppp_proto_supported(__be16 proto)
> +{
> + switch (proto) {
> + case htons(PPP_AT):
> + case htons(PPP_IPX):
> + case htons(PPP_VJC_COMP):
> + case htons(PPP_VJC_UNCOMP):
> + case htons(PPP_MP):
> + case htons(PPP_COMPFRAG):
> + case htons(PPP_COMP):
> + case htons(PPP_IPCP):
> + case htons(PPP_ATCP):
> + case htons(PPP_IPXCP):
> + case htons(PPP_IPV6CP):
> + case htons(PPP_CCPFRAG):
> + case htons(PPP_MPLSCP):
> + case htons(PPP_LCP):
> + case htons(PPP_PAP):
> + case htons(PPP_LQR):
> + case htons(PPP_CHAP):
> + case htons(PPP_CBCP):
> + return true;
> + default:
> + return false;
> + }
> +}
The more I think about it, the more I believe we should make this
function more generic by following the Protocol field definition found
in section 2 of RFC 1661:
https://datatracker.ietf.org/doc/html/rfc1661#section-2
I mean, it's very surprising that is_ppp_proto_supported() returns
false for protocols like PPP_IP or PPP_IPV6, which certainly are
supported. Of course, in the context of your patch, PPP_IP and PPP_IPV6
have been tested first, but that makes the code a bit unclear.
We could define a simpler and more generic helper function (probably in
a ppp header file). Something like (unstested):
/* Assumes proto isn't compressed. */
static bool ppp_proto_is_valid(u16 proto) /*
{
/* Protocol must be odd and the least significant bit of the
* most significant octet must be 0 (see RFC 1661, section 2).
*/
return !!(proto & 0X0101 == 0x0001)
}
BTW, we don't have to restrict the list of supported protocols to the
PPP_* numbers defined in the kernel as we have no indication that the PPP
frame is going to be handled locally.
> +static bool is_pppoe_ses_hdr_valid(struct pppoe_hdr hdr)
> +{
> + return hdr.ver == 1 && hdr.type == 1 && hdr.code == 0;
> +}
> +
> /**
> * __skb_flow_dissect - extract the flow_keys struct and return it
> * @net: associated network namespace, derived from @skb if NULL
> @@ -1214,26 +1250,61 @@ bool __skb_flow_dissect(const struct net *net,
> struct pppoe_hdr hdr;
> __be16 proto;
> } *hdr, _hdr;
> + u16 ppp_proto;
> +
> hdr = __skb_header_pointer(skb, nhoff, sizeof(_hdr), data, hlen, &_hdr);
> if (!hdr) {
> fdret = FLOW_DISSECT_RET_OUT_BAD;
> break;
> }
>
> - nhoff += PPPOE_SES_HLEN;
> - switch (hdr->proto) {
> - case htons(PPP_IP):
> + if (!is_pppoe_ses_hdr_valid(hdr->hdr)) {
> + fdret = FLOW_DISSECT_RET_OUT_BAD;
> + break;
> + }
> +
> + /* least significant bit of the least significant octet
That's the least significant bit of the _most significant_ octet (the
one of the least significant octet must always be 1).
> + * indicates if protocol field was compressed
> + */
> + ppp_proto = ntohs(hdr->proto);
> + if (ppp_proto & 256) {
Using hex would improve readability in my opinion (that is,
s/256/0x0100/).
> + ppp_proto = htons(ppp_proto >> 8);
I don't get why you convert ppp_proto back to network byte order.
That contradicts the type annotation (u16).
> + nhoff += PPPOE_SES_HLEN - 1;
> + } else {
> + ppp_proto = htons(ppp_proto);
Same here. We could leave ppp_proto untouched in this branch.
> + nhoff += PPPOE_SES_HLEN;
> + }
> +
> + if (ppp_proto == htons(PPP_IP)) {
With ppp_proto kept in host byte order, the htons() call would need to
go.
> proto = htons(ETH_P_IP);
> fdret = FLOW_DISSECT_RET_PROTO_AGAIN;
> - break;
> - case htons(PPP_IPV6):
> + } else if (ppp_proto == htons(PPP_IPV6)) {
Same here, and in the following 'if' branches.
> proto = htons(ETH_P_IPV6);
> fdret = FLOW_DISSECT_RET_PROTO_AGAIN;
> - break;
> - default:
> + } else if (ppp_proto == htons(PPP_MPLS_UC)) {
> + proto = htons(ETH_P_MPLS_UC);
> + fdret = FLOW_DISSECT_RET_PROTO_AGAIN;
> + } else if (ppp_proto == htons(PPP_MPLS_MC)) {
> + proto = htons(ETH_P_MPLS_MC);
> + fdret = FLOW_DISSECT_RET_PROTO_AGAIN;
> + } else if (is_ppp_proto_supported(ppp_proto)) {
> + fdret = FLOW_DISSECT_RET_OUT_GOOD;
> + } else {
> fdret = FLOW_DISSECT_RET_OUT_BAD;
> break;
> }
> +
> + if (dissector_uses_key(flow_dissector,
> + FLOW_DISSECTOR_KEY_PPPOE)) {
> + struct flow_dissector_key_pppoe *key_pppoe;
> +
> + key_pppoe = skb_flow_dissector_target(flow_dissector,
> + FLOW_DISSECTOR_KEY_PPPOE,
> + target_container);
> + key_pppoe->session_id = hdr->hdr.sid;
> + key_pppoe->ppp_proto = ppp_proto;
With ppp_proto being u16, we'd now need to call htons(ppp_proto).
> + key_pppoe->type = htons(ETH_P_PPP_SES);
> + }
> break;
> }
> case htons(ETH_P_TIPC): {
> --
> 2.35.1
>
Powered by blists - more mailing lists