* [PATCH v2 0/2] Fix implicit sign conversions in handshake upcall
@ 2023-09-21 13:07 Chuck Lever
2023-09-21 13:07 ` [PATCH v2 1/2] handshake: Fix sign of socket file descriptor fields Chuck Lever
` (3 more replies)
0 siblings, 4 replies; 5+ messages in thread
From: Chuck Lever @ 2023-09-21 13:07 UTC (permalink / raw)
To: netdev, kernel-tls-handshake; +Cc: Chuck Lever
An internal static analysis tool noticed some implicit sign
conversions for some of the arguments in the handshake upcall
protocol.
---
Chuck Lever (2):
handshake: Fix sign of socket file descriptor fields
handshake: Fix sign of key_serial_t fields
Changes since v1:
- Rebased on 581512a6dc93 ("vsock/virtio: MSG_ZEROCOPY flag support")
Documentation/netlink/specs/handshake.yaml | 8 ++++----
net/handshake/genl.c | 2 +-
net/handshake/netlink.c | 2 +-
net/handshake/tlshd.c | 6 +++---
tools/net/ynl/generated/handshake-user.h | 10 +++++-----
5 files changed, 14 insertions(+), 14 deletions(-)
--
Chuck Lever
^ permalink raw reply [flat|nested] 5+ messages in thread
* [PATCH v2 1/2] handshake: Fix sign of socket file descriptor fields
2023-09-21 13:07 [PATCH v2 0/2] Fix implicit sign conversions in handshake upcall Chuck Lever
@ 2023-09-21 13:07 ` Chuck Lever
2023-09-21 13:08 ` [PATCH v2 2/2] handshake: Fix sign of key_serial_t fields Chuck Lever
` (2 subsequent siblings)
3 siblings, 0 replies; 5+ messages in thread
From: Chuck Lever @ 2023-09-21 13:07 UTC (permalink / raw)
To: netdev, kernel-tls-handshake; +Cc: Chuck Lever
From: Chuck Lever <chuck.lever@oracle.com>
Socket file descriptors are signed integers. Use nla_get/put_s32 for
those to avoid implicit signed conversion in the netlink protocol.
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
---
Documentation/netlink/specs/handshake.yaml | 4 ++--
net/handshake/genl.c | 2 +-
net/handshake/netlink.c | 2 +-
net/handshake/tlshd.c | 2 +-
tools/net/ynl/generated/handshake-user.h | 6 +++---
5 files changed, 8 insertions(+), 8 deletions(-)
diff --git a/Documentation/netlink/specs/handshake.yaml b/Documentation/netlink/specs/handshake.yaml
index 6d89e30f5fd5..a49b46b80e16 100644
--- a/Documentation/netlink/specs/handshake.yaml
+++ b/Documentation/netlink/specs/handshake.yaml
@@ -43,7 +43,7 @@ attribute-sets:
attributes:
-
name: sockfd
- type: u32
+ type: s32
-
name: handler-class
type: u32
@@ -79,7 +79,7 @@ attribute-sets:
type: u32
-
name: sockfd
- type: u32
+ type: s32
-
name: remote-auth
type: u32
diff --git a/net/handshake/genl.c b/net/handshake/genl.c
index 233be5cbfec9..f55d14d7b726 100644
--- a/net/handshake/genl.c
+++ b/net/handshake/genl.c
@@ -18,7 +18,7 @@ static const struct nla_policy handshake_accept_nl_policy[HANDSHAKE_A_ACCEPT_HAN
/* HANDSHAKE_CMD_DONE - do */
static const struct nla_policy handshake_done_nl_policy[HANDSHAKE_A_DONE_REMOTE_AUTH + 1] = {
[HANDSHAKE_A_DONE_STATUS] = { .type = NLA_U32, },
- [HANDSHAKE_A_DONE_SOCKFD] = { .type = NLA_U32, },
+ [HANDSHAKE_A_DONE_SOCKFD] = { .type = NLA_S32, },
[HANDSHAKE_A_DONE_REMOTE_AUTH] = { .type = NLA_U32, },
};
diff --git a/net/handshake/netlink.c b/net/handshake/netlink.c
index d0bc1dd8e65a..64a0046dd611 100644
--- a/net/handshake/netlink.c
+++ b/net/handshake/netlink.c
@@ -163,7 +163,7 @@ int handshake_nl_done_doit(struct sk_buff *skb, struct genl_info *info)
if (GENL_REQ_ATTR_CHECK(info, HANDSHAKE_A_DONE_SOCKFD))
return -EINVAL;
- fd = nla_get_u32(info->attrs[HANDSHAKE_A_DONE_SOCKFD]);
+ fd = nla_get_s32(info->attrs[HANDSHAKE_A_DONE_SOCKFD]);
sock = sockfd_lookup(fd, &err);
if (!sock)
diff --git a/net/handshake/tlshd.c b/net/handshake/tlshd.c
index bbfb4095ddd6..7ac80201aa1f 100644
--- a/net/handshake/tlshd.c
+++ b/net/handshake/tlshd.c
@@ -214,7 +214,7 @@ static int tls_handshake_accept(struct handshake_req *req,
goto out_cancel;
ret = -EMSGSIZE;
- ret = nla_put_u32(msg, HANDSHAKE_A_ACCEPT_SOCKFD, fd);
+ ret = nla_put_s32(msg, HANDSHAKE_A_ACCEPT_SOCKFD, fd);
if (ret < 0)
goto out_cancel;
ret = nla_put_u32(msg, HANDSHAKE_A_ACCEPT_MESSAGE_TYPE, treq->th_type);
diff --git a/tools/net/ynl/generated/handshake-user.h b/tools/net/ynl/generated/handshake-user.h
index 47646bb91cea..f8e481fa9e09 100644
--- a/tools/net/ynl/generated/handshake-user.h
+++ b/tools/net/ynl/generated/handshake-user.h
@@ -65,7 +65,7 @@ struct handshake_accept_rsp {
__u32 peername_len;
} _present;
- __u32 sockfd;
+ __s32 sockfd;
enum handshake_msg_type message_type;
__u32 timeout;
enum handshake_auth auth_mode;
@@ -104,7 +104,7 @@ struct handshake_done_req {
} _present;
__u32 status;
- __u32 sockfd;
+ __s32 sockfd;
unsigned int n_remote_auth;
__u32 *remote_auth;
};
@@ -122,7 +122,7 @@ handshake_done_req_set_status(struct handshake_done_req *req, __u32 status)
req->status = status;
}
static inline void
-handshake_done_req_set_sockfd(struct handshake_done_req *req, __u32 sockfd)
+handshake_done_req_set_sockfd(struct handshake_done_req *req, __s32 sockfd)
{
req->_present.sockfd = 1;
req->sockfd = sockfd;
^ permalink raw reply related [flat|nested] 5+ messages in thread
* [PATCH v2 2/2] handshake: Fix sign of key_serial_t fields
2023-09-21 13:07 [PATCH v2 0/2] Fix implicit sign conversions in handshake upcall Chuck Lever
2023-09-21 13:07 ` [PATCH v2 1/2] handshake: Fix sign of socket file descriptor fields Chuck Lever
@ 2023-09-21 13:08 ` Chuck Lever
2023-09-21 21:56 ` [PATCH v2 0/2] Fix implicit sign conversions in handshake upcall Simon Horman
2023-10-02 19:40 ` patchwork-bot+netdevbpf
3 siblings, 0 replies; 5+ messages in thread
From: Chuck Lever @ 2023-09-21 13:08 UTC (permalink / raw)
To: netdev, kernel-tls-handshake; +Cc: Chuck Lever
From: Chuck Lever <chuck.lever@oracle.com>
key_serial_t fields are signed integers. Use nla_get/put_s32 for
those to avoid implicit signed conversion in the netlink protocol.
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
---
Documentation/netlink/specs/handshake.yaml | 4 ++--
net/handshake/tlshd.c | 4 ++--
tools/net/ynl/generated/handshake-user.h | 4 ++--
3 files changed, 6 insertions(+), 6 deletions(-)
diff --git a/Documentation/netlink/specs/handshake.yaml b/Documentation/netlink/specs/handshake.yaml
index a49b46b80e16..b934cc513e3d 100644
--- a/Documentation/netlink/specs/handshake.yaml
+++ b/Documentation/netlink/specs/handshake.yaml
@@ -34,10 +34,10 @@ attribute-sets:
attributes:
-
name: cert
- type: u32
+ type: s32
-
name: privkey
- type: u32
+ type: s32
-
name: accept
attributes:
diff --git a/net/handshake/tlshd.c b/net/handshake/tlshd.c
index 7ac80201aa1f..d697f68c598c 100644
--- a/net/handshake/tlshd.c
+++ b/net/handshake/tlshd.c
@@ -173,9 +173,9 @@ static int tls_handshake_put_certificate(struct sk_buff *msg,
if (!entry_attr)
return -EMSGSIZE;
- if (nla_put_u32(msg, HANDSHAKE_A_X509_CERT,
+ if (nla_put_s32(msg, HANDSHAKE_A_X509_CERT,
treq->th_certificate) ||
- nla_put_u32(msg, HANDSHAKE_A_X509_PRIVKEY,
+ nla_put_s32(msg, HANDSHAKE_A_X509_PRIVKEY,
treq->th_privkey)) {
nla_nest_cancel(msg, entry_attr);
return -EMSGSIZE;
diff --git a/tools/net/ynl/generated/handshake-user.h b/tools/net/ynl/generated/handshake-user.h
index f8e481fa9e09..2b34acc608de 100644
--- a/tools/net/ynl/generated/handshake-user.h
+++ b/tools/net/ynl/generated/handshake-user.h
@@ -28,8 +28,8 @@ struct handshake_x509 {
__u32 privkey:1;
} _present;
- __u32 cert;
- __u32 privkey;
+ __s32 cert;
+ __s32 privkey;
};
/* ============== HANDSHAKE_CMD_ACCEPT ============== */
^ permalink raw reply related [flat|nested] 5+ messages in thread
* Re: [PATCH v2 0/2] Fix implicit sign conversions in handshake upcall
2023-09-21 13:07 [PATCH v2 0/2] Fix implicit sign conversions in handshake upcall Chuck Lever
2023-09-21 13:07 ` [PATCH v2 1/2] handshake: Fix sign of socket file descriptor fields Chuck Lever
2023-09-21 13:08 ` [PATCH v2 2/2] handshake: Fix sign of key_serial_t fields Chuck Lever
@ 2023-09-21 21:56 ` Simon Horman
2023-10-02 19:40 ` patchwork-bot+netdevbpf
3 siblings, 0 replies; 5+ messages in thread
From: Simon Horman @ 2023-09-21 21:56 UTC (permalink / raw)
To: Chuck Lever; +Cc: netdev, kernel-tls-handshake, Chuck Lever
On Thu, Sep 21, 2023 at 09:07:14AM -0400, Chuck Lever wrote:
> An internal static analysis tool noticed some implicit sign
> conversions for some of the arguments in the handshake upcall
> protocol.
>
> ---
...
For series,
Reviewed-by: Simon Horman <horms@kernel.org>
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: [PATCH v2 0/2] Fix implicit sign conversions in handshake upcall
2023-09-21 13:07 [PATCH v2 0/2] Fix implicit sign conversions in handshake upcall Chuck Lever
` (2 preceding siblings ...)
2023-09-21 21:56 ` [PATCH v2 0/2] Fix implicit sign conversions in handshake upcall Simon Horman
@ 2023-10-02 19:40 ` patchwork-bot+netdevbpf
3 siblings, 0 replies; 5+ messages in thread
From: patchwork-bot+netdevbpf @ 2023-10-02 19:40 UTC (permalink / raw)
To: Chuck Lever; +Cc: netdev, kernel-tls-handshake, chuck.lever
Hello:
This series was applied to netdev/net-next.git (main)
by Jakub Kicinski <kuba@kernel.org>:
On Thu, 21 Sep 2023 09:07:14 -0400 you wrote:
> An internal static analysis tool noticed some implicit sign
> conversions for some of the arguments in the handshake upcall
> protocol.
>
> ---
>
> Chuck Lever (2):
> handshake: Fix sign of socket file descriptor fields
> handshake: Fix sign of key_serial_t fields
>
> [...]
Here is the summary with links:
- [v2,1/2] handshake: Fix sign of socket file descriptor fields
https://git.kernel.org/netdev/net-next/c/a6b07a51b161
- [v2,2/2] handshake: Fix sign of key_serial_t fields
https://git.kernel.org/netdev/net-next/c/160f404495aa
You are awesome, thank you!
--
Deet-doot-dot, I am a bot.
https://korg.docs.kernel.org/patchwork/pwbot.html
^ permalink raw reply [flat|nested] 5+ messages in thread
end of thread, other threads:[~2023-10-02 19:40 UTC | newest]
Thread overview: 5+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2023-09-21 13:07 [PATCH v2 0/2] Fix implicit sign conversions in handshake upcall Chuck Lever
2023-09-21 13:07 ` [PATCH v2 1/2] handshake: Fix sign of socket file descriptor fields Chuck Lever
2023-09-21 13:08 ` [PATCH v2 2/2] handshake: Fix sign of key_serial_t fields Chuck Lever
2023-09-21 21:56 ` [PATCH v2 0/2] Fix implicit sign conversions in handshake upcall Simon Horman
2023-10-02 19:40 ` patchwork-bot+netdevbpf
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).