| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <Y9NfkgRbWAbrxQ1G@unreal>
Date: Fri, 27 Jan 2023 07:22:26 +0200
From: Leon Romanovsky <leon@...nel.org>
To: Vladimir Oltean <olteanv@...il.com>
Cc: "David S . Miller" <davem@...emloft.net>,
Jakub Kicinski <kuba@...nel.org>, Andrew Lunn <andrew@...n.ch>,
bridge@...ts.linux-foundation.org,
Eric Dumazet <edumazet@...gle.com>,
Florian Fainelli <f.fainelli@...il.com>,
netdev@...r.kernel.org, Nikolay Aleksandrov <razor@...ckwall.org>,
Paolo Abeni <pabeni@...hat.com>,
Roopa Prabhu <roopa@...dia.com>
Subject: Re: [PATCH net-next] netlink: provide an ability to set default
extack message
On Fri, Jan 27, 2023 at 12:32:13AM +0200, Vladimir Oltean wrote:
> On Thu, Jan 26, 2023 at 09:15:03PM +0200, Leon Romanovsky wrote:
> > From: Leon Romanovsky <leonro@...dia.com>
> >
> > In netdev common pattern, xxtack pointer is forwarded to the drivers
> ~~~~~~
> extack
>
> > to be filled with error message. However, the caller can easily
> > overwrite the filled message.
> >
> > Instead of adding multiple "if (!extack->_msg)" checks before any
> > NL_SET_ERR_MSG() call, which appears after call to the driver, let's
> > add this check to common code.
> >
> > [1] https://lore.kernel.org/all/Y9Irgrgf3uxOjwUm@unreal
> > Signed-off-by: Leon Romanovsky <leonro@...dia.com>
> > ---
>
> I would somewhat prefer not doing this, and instead introducing a new
> NL_SET_ERR_MSG_WEAK() of sorts.
It means changing ALL error unwind places where extack was forwarded
before to subfunctions.
Places like this:
ret = func(..., extack)
if (ret) {
NL_SET_ERR_MSG_MOD...
return ret;
}
will need to be changed to something like this:
ret = func(..., extack)
if (ret) {
NL_SET_ERR_MSG_WEAK...
return ret;
}
>
> The reason has to do with the fact that an extack is sometimes also
> used to convey warnings rather than hard errors, for example right here
> in net/dsa/slave.c:
>
> if (err == -EOPNOTSUPP) {
> if (extack && !extack->_msg)
> NL_SET_ERR_MSG_MOD(extack,
> "Offloading not supported");
> NL_SET_ERR_MSG_MOD(extack,
> "Offloading not supported");
> err = 0;
> }
>
> Imagine (not the case here) that below such a "warning extack" lies
> something like this:
>
> if (arg > range) {
> NL_SET_ERR_MSG_MOD(extack, "Argument outside expected range");
> return -ERANGE;
> }
>
> What you'll get is:
>
> Error: Offloading not supported (error code -ERANGE).
>
> whereas before, we relied on any NL_SET_ERR_MSG_MOD() call to overwrite
> the "warning" extack, and that to only be shown on error code 0.
Can we please discuss current code and not over-engineered case which
doesn't exist in the reality?
Even for your case, I would like to see NL_SET_ERR_MSG_FORCE() to
explicitly say that message will be overwritten.
Thanks
Powered by blists - more mailing lists