lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <a646f996-c1b3-4145-83dd-835aa5e29b16@intel.com>
Date: Wed, 10 Jul 2024 13:13:54 -0700
From: Jacob Keller <jacob.e.keller@...el.com>
To: Jakub Kicinski <kuba@...nel.org>, <davem@...emloft.net>
CC: <netdev@...r.kernel.org>, <edumazet@...gle.com>, <pabeni@...hat.com>,
	<przemyslaw.kitszel@...el.com>, <ecree.xilinx@...il.com>
Subject: Re: [PATCH net-next 1/2] ethtool: fail closed if we can't get max
 channel used in indirection tables



On 7/10/2024 10:40 AM, Jakub Kicinski wrote:
> Commit 0d1b7d6c9274 ("bnxt: fix crashes when reducing ring count with
> active RSS contexts") proves that allowing indirection table to contain
> channels with out of bounds IDs may lead to crashes. Currently the
> max channel check in the core gets skipped if driver can't fetch
> the indirection table or when we can't allocate memory.
> 

Reviewed-by: Jacob Keller <jacob.e.keller@...el.com>

Nice. Fixing this in the core for all drivers is better than having to
patch each driver to avoid crashing. Reducing ring counts with active
RSS has caused issues on Intel drivers in the past too.

> Both of those conditions should be extremely rare but if they do
> happen we should try to be safe and fail the channel change.
> 
> Signed-off-by: Jakub Kicinski <kuba@...nel.org>
> ---
>  net/ethtool/channels.c |  6 ++----
>  net/ethtool/common.c   | 26 +++++++++++++++-----------
>  net/ethtool/common.h   |  2 +-
>  net/ethtool/ioctl.c    |  4 +---
>  4 files changed, 19 insertions(+), 19 deletions(-)
> 
> diff --git a/net/ethtool/channels.c b/net/ethtool/channels.c
> index 7b4bbd674bae..cee188da54f8 100644
> --- a/net/ethtool/channels.c
> +++ b/net/ethtool/channels.c
> @@ -171,11 +171,9 @@ ethnl_set_channels(struct ethnl_req_info *req_info, struct genl_info *info)
>  	 */
>  	if (ethtool_get_max_rxnfc_channel(dev, &max_rxnfc_in_use))
>  		max_rxnfc_in_use = 0;
> -	if (!netif_is_rxfh_configured(dev) ||
> -	    ethtool_get_max_rxfh_channel(dev, &max_rxfh_in_use))
> -		max_rxfh_in_use = 0;
> +	max_rxfh_in_use = ethtool_get_max_rxfh_channel(dev);

We explicitly call ethtool_get_max_rxfh_channel here now.

>  	if (channels.combined_count + channels.rx_count <= max_rxfh_in_use) {
> -		GENL_SET_ERR_MSG(info, "requested channel counts are too low for existing indirection table settings");
> +		GENL_SET_ERR_MSG_FMT(info, "requested channel counts are too low for existing indirection table (%d)", max_rxfh_in_use);
>  		return -EINVAL;
>  	}
>  	if (channels.combined_count + channels.rx_count <= max_rxnfc_in_use) {
> diff --git a/net/ethtool/common.c b/net/ethtool/common.c
> index 6b2a360dcdf0..8a62375ebd1f 100644
> --- a/net/ethtool/common.c
> +++ b/net/ethtool/common.c
> @@ -587,35 +587,39 @@ int ethtool_get_max_rxnfc_channel(struct net_device *dev, u64 *max)
>  	return err;
>  }
>  
> -int ethtool_get_max_rxfh_channel(struct net_device *dev, u32 *max)
> +u32 ethtool_get_max_rxfh_channel(struct net_device *dev)
>  {
>  	struct ethtool_rxfh_param rxfh = {};
> -	u32 dev_size, current_max = 0;
> +	u32 dev_size, current_max;
>  	int ret;
>  
> +	if (!netif_is_rxfh_configured(dev))
> +		return 0;
> +

Because now it will return something sensible.

>  	if (!dev->ethtool_ops->get_rxfh_indir_size ||
>  	    !dev->ethtool_ops->get_rxfh)
> -		return -EOPNOTSUPP;
> +		return 0;
>  	dev_size = dev->ethtool_ops->get_rxfh_indir_size(dev);
>  	if (dev_size == 0)
> -		return -EOPNOTSUPP;
> +		return 0;
>  
>  	rxfh.indir = kcalloc(dev_size, sizeof(rxfh.indir[0]), GFP_USER);
>  	if (!rxfh.indir)
> -		return -ENOMEM;
> +		return U32_MAX;
>  

And we return U32_MAX to indicate catastrophic errors such as no table,
or a failure from the driver. This forces it to fail the configuration
change.

Nice.

>  	ret = dev->ethtool_ops->get_rxfh(dev, &rxfh);
> -	if (ret)
> -		goto out;
> +	if (ret) {
> +		current_max = U32_MAX;
> +		goto out_free;
> +	}
>  
> +	current_max = 0;
>  	while (dev_size--)
>  		current_max = max(current_max, rxfh.indir[dev_size]);
>  
> -	*max = current_max;
> -
> -out:
> +out_free:
>  	kfree(rxfh.indir);
> -	return ret;
> +	return current_max;
>  }
>  
>  int ethtool_check_ops(const struct ethtool_ops *ops)
> diff --git a/net/ethtool/common.h b/net/ethtool/common.h
> index 28b8aaaf9bcb..b55705a9ad5a 100644
> --- a/net/ethtool/common.h
> +++ b/net/ethtool/common.h
> @@ -42,7 +42,7 @@ int __ethtool_get_link(struct net_device *dev);
>  bool convert_legacy_settings_to_link_ksettings(
>  	struct ethtool_link_ksettings *link_ksettings,
>  	const struct ethtool_cmd *legacy_settings);
> -int ethtool_get_max_rxfh_channel(struct net_device *dev, u32 *max);
> +u32 ethtool_get_max_rxfh_channel(struct net_device *dev);
>  int ethtool_get_max_rxnfc_channel(struct net_device *dev, u64 *max);
>  int __ethtool_get_ts_info(struct net_device *dev, struct ethtool_ts_info *info);
>  
> diff --git a/net/ethtool/ioctl.c b/net/ethtool/ioctl.c
> index d72b0fec89af..615812ff8974 100644
> --- a/net/ethtool/ioctl.c
> +++ b/net/ethtool/ioctl.c
> @@ -2049,9 +2049,7 @@ static noinline_for_stack int ethtool_set_channels(struct net_device *dev,
>  	 * indirection table/rxnfc settings */
>  	if (ethtool_get_max_rxnfc_channel(dev, &max_rxnfc_in_use))
>  		max_rxnfc_in_use = 0;
> -	if (!netif_is_rxfh_configured(dev) ||
> -	    ethtool_get_max_rxfh_channel(dev, &max_rxfh_in_use))
> -		max_rxfh_in_use = 0;
> +	max_rxfh_in_use = ethtool_get_max_rxfh_channel(dev);
>  	if (channels.combined_count + channels.rx_count <=
>  	    max_t(u64, max_rxnfc_in_use, max_rxfh_in_use))
>  		return -EINVAL;

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ