| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20250210003200.368428-1-jjcolemanx86@gmail.com>
Date: Sun, 9 Feb 2025 17:31:56 -0700
From: John J Coleman <jjcolemanx86@...il.com>
To: Andrew Lunn <andrew@...n.ch>,
Jakub Kicinski <kuba@...nel.org>,
"David S. Miller" <davem@...emloft.net>,
Eric Dumazet <edumazet@...gle.com>,
Paolo Abeni <pabeni@...hat.com>,
Simon Horman <horms@...nel.org>,
Jiri Pirko <jiri@...nulli.us>,
Ben Hutchings <bhutchings@...arflare.com>,
David Decotigny <decot@...glers.com>
Cc: John J Coleman <jjcolemanx86@...il.com>,
Jamie Bainbridge <jamie.bainbridge@...il.com>,
netdev@...r.kernel.org,
linux-kernel@...r.kernel.org
Subject: [PATCH net] ethtool: check device is present when getting ioctl settings
An ioctl caller of SIOCETHTOOL ETHTOOL_GSET can provoke the legacy
ethtool codepath on a non-present device, leading to kernel panic:
[exception RIP: qed_get_current_link+0x11]
#8 [ffffa2021d70f948] qede_get_link_ksettings at ffffffffc07bfa9a [qede]
#9 [ffffa2021d70f9d0] __rh_call_get_link_ksettings at ffffffff9bad2723
#10 [ffffa2021d70fa30] ethtool_get_settings at ffffffff9bad29d0
#11 [ffffa2021d70fb18] __dev_ethtool at ffffffff9bad442b
#12 [ffffa2021d70fc28] dev_ethtool at ffffffff9bad6db8
#13 [ffffa2021d70fc60] dev_ioctl at ffffffff9ba7a55c
#14 [ffffa2021d70fc98] sock_do_ioctl at ffffffff9ba22a44
#15 [ffffa2021d70fd08] sock_ioctl at ffffffff9ba22d1c
#16 [ffffa2021d70fd78] do_vfs_ioctl at ffffffff9b584cf4
Device is not present with no state bits set:
crash> net_device.state ffff8fff95240000
state = 0x0,
Existing patch commit a699781c79ec ("ethtool: check device is present
when getting link settings") fixes this in the modern sysfs reader's
ksettings path.
Fix this in the legacy ioctl path by checking for device presence as
well.
Fixes: 4bc71cb983fd2 ("net: consolidate and fix ethtool_ops->get_settings calling")
Fixes: 3f1ac7a700d03 ("net: ethtool: add new ETHTOOL_xLINKSETTINGS API")
Fixes: 1da177e4c3f4 ("Linux-2.6.12-rc2")
Tested-by: John J Coleman <jjcolemanx86@...il.com>
Co-developed-by: Jamie Bainbridge <jamie.bainbridge@...il.com>
Signed-off-by: Jamie Bainbridge <jamie.bainbridge@...il.com>
Signed-off-by: John J Coleman <jjcolemanx86@...il.com>
---
net/ethtool/ioctl.c | 3 +++
1 file changed, 3 insertions(+)
diff --git a/net/ethtool/ioctl.c b/net/ethtool/ioctl.c
index 7609ce2b2c5e2ead90aceab08b6610955914340b..1d7c72d7bb9a0fcbb8d47556ec3173440db32447 100644
--- a/net/ethtool/ioctl.c
+++ b/net/ethtool/ioctl.c
@@ -659,6 +659,9 @@ static int ethtool_get_settings(struct net_device *dev, void __user *useraddr)
int err;
ASSERT_RTNL();
+ if (!netif_device_present(dev))
+ return -ENODEV;
+
if (!dev->ethtool_ops->get_link_ksettings)
return -EOPNOTSUPP;
--
2.48.1
Powered by blists - more mailing lists