lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Wed, 11 Oct 2023 17:21:51 -0700
From: Florian Fainelli <f.fainelli@...il.com>
To: Michal Kubecek <mkubecek@...e.cz>,
 Florian Fainelli <florian.fainelli@...adcom.com>,
 Andrew Lunn <andrew@...n.ch>
Cc: netdev@...r.kernel.org, "David S. Miller" <davem@...emloft.net>,
 Eric Dumazet <edumazet@...gle.com>, Jakub Kicinski <kuba@...nel.org>,
 Paolo Abeni <pabeni@...hat.com>, Jonathan Corbet <corbet@....net>,
 Broadcom internal kernel review list
 <bcm-kernel-feedback-list@...adcom.com>,
 Heiner Kallweit <hkallweit1@...il.com>, Russell King
 <linux@...linux.org.uk>, opendmb@...il.com, justin.chen@...adcom.com
Subject: Re: [PATCH net-next 1/2] ethtool: Introduce WAKE_MDA



On 10/11/2023 4:08 PM, Michal Kubecek wrote:
> On Wed, Oct 11, 2023 at 03:12:39PM -0700, Florian Fainelli wrote:
>> Allow Ethernet PHY and MAC drivers with simplified matching logic to be
>> waking-up on a custom MAC destination address. This is particularly
>> useful for Ethernet PHYs which have limited amounts of buffering but can
>> still wake-up on a custom MAC destination address.
>>
>> When WAKE_MDA is specified, the "sopass" field in the existing struct
>> ethtool_wolinfo is re-purposed to hold a custom MAC destination address
>> to match against.
>>
>> Example:
>> 	ethtool -s eth0 wol e mac-da 01:00:5e:00:00:fb
>>
>> Signed-off-by: Florian Fainelli <florian.fainelli@...adcom.com>
>> ---
>>   Documentation/networking/ethtool-netlink.rst |  7 ++++++-
>>   include/uapi/linux/ethtool.h                 | 10 ++++++++--
>>   include/uapi/linux/ethtool_netlink.h         |  1 +
>>   net/ethtool/common.c                         |  1 +
>>   net/ethtool/netlink.h                        |  2 +-
>>   net/ethtool/wol.c                            | 21 ++++++++++++++++++++
>>   6 files changed, 38 insertions(+), 4 deletions(-)
>>
> [...]
>> diff --git a/include/uapi/linux/ethtool.h b/include/uapi/linux/ethtool.h
>> index f7fba0dc87e5..8134ac8870bd 100644
>> --- a/include/uapi/linux/ethtool.h
>> +++ b/include/uapi/linux/ethtool.h
>> @@ -207,12 +207,17 @@ struct ethtool_drvinfo {
>>    * @wolopts: Bitmask of %WAKE_* flags for enabled Wake-On-Lan modes.
>>    * @sopass: SecureOn(tm) password; meaningful only if %WAKE_MAGICSECURE
>>    *	is set in @wolopts.
>> + * @mac_da: Destination MAC address to match; meaningful only if
>> + *	%WAKE_MDA is set in @wolopts.
>>    */
>>   struct ethtool_wolinfo {
>>   	__u32	cmd;
>>   	__u32	supported;
>>   	__u32	wolopts;
>> -	__u8	sopass[SOPASS_MAX];
>> +	union {
>> +		__u8	sopass[SOPASS_MAX];
>> +		__u8	mac_da[ETH_ALEN];
>> +	};
>>   };
> 
> If we use the union here, we should also make sure the request cannot
> set both WAKE_MAGICSECURE and WAKE_MDA, otherwise the same data will be
> used for two different values (and interpreted in two different ways in
> GET requests and notifications).
> 
> Another option would be keeping the existing structure for ioctl UAPI
> and using another structure (like we did in other cases where we needed
> new attributes beyond frozen ioctl structures) so that a combination of
> WAKE_MAGICSECURE and WAKE_MDA is possible. (It doesn't seem to make much
> sense to me to combine WAKE_MAGICSECURE with other bits but I can't rule
> out someone might want that one day.)

I am having some second thoughts about this proposed interface as I can 
see a few limitations:

- we can only specify an exact destination MAC address to match, but the 
HW filter underneath is typically implemented using a match + mask so 
you can actually be selective about which bits you want to match on. In 
the use case that I have in mind we would actually want to match both 
multicast MAC destination addresses corresponding to mDNS over IPv4 or IPv6

- in case a MAC/PHY/switch supports multiple filters/slots we would not 
be able to address a specific slot in the matching logic

This sort of brings me back to the original proposal which allowed this:

https://lore.kernel.org/all/20230516231713.2882879-1-florian.fainelli@broadcom.com/

Andrew, what do you think?

> 
> [...]
>> diff --git a/net/ethtool/wol.c b/net/ethtool/wol.c
>> index 0ed56c9ac1bc..13dfcc9bb1e5 100644
>> --- a/net/ethtool/wol.c
>> +++ b/net/ethtool/wol.c
>> @@ -12,6 +12,7 @@ struct wol_reply_data {
>>   	struct ethnl_reply_data		base;
>>   	struct ethtool_wolinfo		wol;
>>   	bool				show_sopass;
>> +	bool				show_mac_da;
>>   };
>>   
>>   #define WOL_REPDATA(__reply_base) \
>> @@ -41,6 +42,8 @@ static int wol_prepare_data(const struct ethnl_req_info *req_base,
>>   	/* do not include password in notifications */
>>   	data->show_sopass = !genl_info_is_ntf(info) &&
>>   		(data->wol.supported & WAKE_MAGICSECURE);
>> +	data->show_mac_da = !genl_info_is_ntf(info) &&
>> +		(data->wol.supported & WAKE_MDA);
>>   
>>   	return 0;
>>   }
> 
> The test for !genl_info_is_ntf(info) above is meant to prevent the
> sopass value (which is supposed to be secret) from being included in
> notifications which can be seen by unprivileged users. Is the MAC
> address to match also supposed to be secret?

Either way could be considered, so I erred on the side of caution.
-- 
Florian

Powered by blists - more mailing lists