lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20250905164253.4e9902d2@kernel.org>
Date: Fri, 5 Sep 2025 16:42:53 -0700
From: Jakub Kicinski <kuba@...nel.org>
To: Breno Leitao <leitao@...ian.org>
Cc: Andrew Lunn <andrew@...n.ch>, "David S. Miller" <davem@...emloft.net>,
 Eric Dumazet <edumazet@...gle.com>, Paolo Abeni <pabeni@...hat.com>, Simon
 Horman <horms@...nel.org>, "Michael S. Tsirkin" <mst@...hat.com>, Jason
 Wang <jasowang@...hat.com>, Xuan Zhuo <xuanzhuo@...ux.alibaba.com>, Eugenio
 Pérez <eperezma@...hat.com>, Andrew Lunn
 <andrew+netdev@...n.ch>, netdev@...r.kernel.org,
 linux-kernel@...r.kernel.org, virtualization@...ts.linux.dev,
 jdamato@...tly.com, kernel-team@...a.com
Subject: Re: [PATCH RFC net-next 4/7] net: ethtool: add get_rxrings callback
 to optimize RX ring queries

On Fri, 05 Sep 2025 10:07:23 -0700 Breno Leitao wrote:
> +	int	(*get_rxrings)(struct net_device *dev);

I think this can return u32..
The drivers can't possibly fail to know how many queues they have.
We already do that for get_rxfh_*_size callbacks

>  	void	(*get_pause_stats)(struct net_device *dev,
>  				   struct ethtool_pause_stats *pause_stats);
>  	void	(*get_pauseparam)(struct net_device *,
> diff --git a/net/ethtool/ioctl.c b/net/ethtool/ioctl.c
> index 1a9ad47f60313..2f3dbef9eb712 100644
> --- a/net/ethtool/ioctl.c
> +++ b/net/ethtool/ioctl.c
> @@ -1208,6 +1208,22 @@ static noinline_for_stack int ethtool_set_rxnfc(struct net_device *dev,
>  	return 0;
>  }
>  
> +static int get_num_rxrings(struct net_device *dev)

This one has to indeed keep returning int, until we get rid of
get_rxnfc fallback completely.

> +{
> +	const struct ethtool_ops *ops = dev->ethtool_ops;
> +	struct ethtool_rxnfc rx_rings;
> +	int ret;
> +
> +	if (ops->get_rxrings)
> +		return ops->get_rxrings(dev);
> +
> +	ret = ops->get_rxnfc(dev, &rx_rings, NULL);
> +	if (ret < 0)
> +		return ret;
> +
> +	return rx_rings.data;
> +}
> +
>  static noinline_for_stack int ethtool_get_rxrings(struct net_device *dev,
>  						  u32 cmd,
>  						  void __user *useraddr)
> @@ -1217,16 +1233,17 @@ static noinline_for_stack int ethtool_get_rxrings(struct net_device *dev,
>  	const struct ethtool_ops *ops = dev->ethtool_ops;
>  	int ret;
>  
> -	if (!ops->get_rxnfc)
> +	if (!ops->get_rxnfc && !ops->get_rxrings)
>  		return -EOPNOTSUPP;
>  
>  	ret = ethtool_rxnfc_copy_struct(cmd, &info, &info_size, useraddr);
>  	if (ret)
>  		return ret;
>  
> -	ret = ops->get_rxnfc(dev, &info, NULL);
> -	if (ret < 0)
> -		return ret;
> +	if (WARN_ON_ONCE(info.cmd != ETHTOOL_GRXRINGS))
> +		return -EOPNOTSUPP;

I think malicious user space can trigger this warning with a TOCTOU
race. Let's skip the check, it's not really needed?

> +	info.data = get_num_rxrings(dev);

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ