* [PATCH net-next 0/3] pktgen: small cleanups
@ 2014-02-21 20:38 Mathias Krause
2014-02-21 20:38 ` [PATCH net-next 1/3] pktgen: fix out-of-bounds access in pgctrl_write() Mathias Krause
` (3 more replies)
0 siblings, 4 replies; 5+ messages in thread
From: Mathias Krause @ 2014-02-21 20:38 UTC (permalink / raw)
To: David S. Miller; +Cc: netdev, Mathias Krause
This series is just a set of small cleanups of pktgen code and
documentation.
Please apply!
Mathias Krause (3):
pktgen: fix out-of-bounds access in pgctrl_write()
pktgen: simplify error handling in pgctrl_write()
pktgen: document all supported flags
Documentation/networking/pktgen.txt | 24 +++++++++++++++++++-----
net/core/pktgen.c | 32 +++++++++++++++++---------------
2 files changed, 36 insertions(+), 20 deletions(-)
--
1.7.10.4
^ permalink raw reply [flat|nested] 5+ messages in thread
* [PATCH net-next 1/3] pktgen: fix out-of-bounds access in pgctrl_write()
2014-02-21 20:38 [PATCH net-next 0/3] pktgen: small cleanups Mathias Krause
@ 2014-02-21 20:38 ` Mathias Krause
2014-02-21 20:38 ` [PATCH net-next 2/3] pktgen: simplify error handling " Mathias Krause
` (2 subsequent siblings)
3 siblings, 0 replies; 5+ messages in thread
From: Mathias Krause @ 2014-02-21 20:38 UTC (permalink / raw)
To: David S. Miller; +Cc: netdev, Mathias Krause
If a privileged user writes an empty string to /proc/net/pktgen/pgctrl
the code for stripping the (then non-existent) '\n' actually writes the
zero byte at index -1 of data[]. The then still uninitialized array will
very likely fail the command matching tests and the pr_warning() at the
end will therefore leak stack bytes to the kernel log.
Fix those issues by simply ensuring we're passed a non-empty string as
the user API apparently expects a trailing '\n' for all commands.
Cc: "David S. Miller" <davem@davemloft.net>
Signed-off-by: Mathias Krause <minipli@googlemail.com>
---
net/core/pktgen.c | 5 ++++-
1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/net/core/pktgen.c b/net/core/pktgen.c
index fdac61cac1..cc07c43494 100644
--- a/net/core/pktgen.c
+++ b/net/core/pktgen.c
@@ -485,6 +485,9 @@ static ssize_t pgctrl_write(struct file *file, const char __user *buf,
goto out;
}
+ if (count == 0)
+ return -EINVAL;
+
if (count > sizeof(data))
count = sizeof(data);
@@ -492,7 +495,7 @@ static ssize_t pgctrl_write(struct file *file, const char __user *buf,
err = -EFAULT;
goto out;
}
- data[count - 1] = 0; /* Make string */
+ data[count - 1] = 0; /* Strip trailing '\n' and terminate string */
if (!strcmp(data, "stop"))
pktgen_stop_all_threads_ifs(pn);
--
1.7.10.4
^ permalink raw reply related [flat|nested] 5+ messages in thread
* [PATCH net-next 2/3] pktgen: simplify error handling in pgctrl_write()
2014-02-21 20:38 [PATCH net-next 0/3] pktgen: small cleanups Mathias Krause
2014-02-21 20:38 ` [PATCH net-next 1/3] pktgen: fix out-of-bounds access in pgctrl_write() Mathias Krause
@ 2014-02-21 20:38 ` Mathias Krause
2014-02-21 20:38 ` [PATCH net-next 3/3] pktgen: document all supported flags Mathias Krause
2014-02-24 23:54 ` [PATCH net-next 0/3] pktgen: small cleanups David Miller
3 siblings, 0 replies; 5+ messages in thread
From: Mathias Krause @ 2014-02-21 20:38 UTC (permalink / raw)
To: David S. Miller; +Cc: netdev, Mathias Krause
The 'out' label is just a relict from previous times as pgctrl_write()
had multiple error paths. Get rid of it and simply return right away
on errors.
Cc: "David S. Miller" <davem@davemloft.net>
Signed-off-by: Mathias Krause <minipli@googlemail.com>
---
net/core/pktgen.c | 19 ++++++-------------
1 file changed, 6 insertions(+), 13 deletions(-)
diff --git a/net/core/pktgen.c b/net/core/pktgen.c
index cc07c43494..53c3097117 100644
--- a/net/core/pktgen.c
+++ b/net/core/pktgen.c
@@ -476,14 +476,11 @@ static int pgctrl_show(struct seq_file *seq, void *v)
static ssize_t pgctrl_write(struct file *file, const char __user *buf,
size_t count, loff_t *ppos)
{
- int err = 0;
char data[128];
struct pktgen_net *pn = net_generic(current->nsproxy->net_ns, pg_net_id);
- if (!capable(CAP_NET_ADMIN)) {
- err = -EPERM;
- goto out;
- }
+ if (!capable(CAP_NET_ADMIN))
+ return -EPERM;
if (count == 0)
return -EINVAL;
@@ -491,10 +488,9 @@ static ssize_t pgctrl_write(struct file *file, const char __user *buf,
if (count > sizeof(data))
count = sizeof(data);
- if (copy_from_user(data, buf, count)) {
- err = -EFAULT;
- goto out;
- }
+ if (copy_from_user(data, buf, count))
+ return -EFAULT;
+
data[count - 1] = 0; /* Strip trailing '\n' and terminate string */
if (!strcmp(data, "stop"))
@@ -509,10 +505,7 @@ static ssize_t pgctrl_write(struct file *file, const char __user *buf,
else
pr_warning("Unknown command: %s\n", data);
- err = count;
-
-out:
- return err;
+ return count;
}
static int pgctrl_open(struct inode *inode, struct file *file)
--
1.7.10.4
^ permalink raw reply related [flat|nested] 5+ messages in thread
* [PATCH net-next 3/3] pktgen: document all supported flags
2014-02-21 20:38 [PATCH net-next 0/3] pktgen: small cleanups Mathias Krause
2014-02-21 20:38 ` [PATCH net-next 1/3] pktgen: fix out-of-bounds access in pgctrl_write() Mathias Krause
2014-02-21 20:38 ` [PATCH net-next 2/3] pktgen: simplify error handling " Mathias Krause
@ 2014-02-21 20:38 ` Mathias Krause
2014-02-24 23:54 ` [PATCH net-next 0/3] pktgen: small cleanups David Miller
3 siblings, 0 replies; 5+ messages in thread
From: Mathias Krause @ 2014-02-21 20:38 UTC (permalink / raw)
To: David S. Miller; +Cc: netdev, Mathias Krause, Fan Du
The documentation misses a few of the supported flags. Fix this. Also
respect the dependency to CONFIG_XFRM for the IPSEC flag.
Cc: Fan Du <fan.du@windriver.com>
Cc: "David S. Miller" <davem@davemloft.net>
Signed-off-by: Mathias Krause <minipli@googlemail.com>
---
Documentation/networking/pktgen.txt | 24 +++++++++++++++++++-----
net/core/pktgen.c | 8 +++++++-
2 files changed, 26 insertions(+), 6 deletions(-)
diff --git a/Documentation/networking/pktgen.txt b/Documentation/networking/pktgen.txt
index 5a61a240a6..0e30c7845b 100644
--- a/Documentation/networking/pktgen.txt
+++ b/Documentation/networking/pktgen.txt
@@ -102,13 +102,18 @@ Examples:
The 'minimum' MAC is what you set with dstmac.
pgset "flag [name]" Set a flag to determine behaviour. Current flags
- are: IPSRC_RND #IP Source is random (between min/max),
- IPDST_RND, UDPSRC_RND,
- UDPDST_RND, MACSRC_RND, MACDST_RND
+ are: IPSRC_RND # IP source is random (between min/max)
+ IPDST_RND # IP destination is random
+ UDPSRC_RND, UDPDST_RND,
+ MACSRC_RND, MACDST_RND
+ TXSIZE_RND, IPV6,
MPLS_RND, VID_RND, SVID_RND
+ FLOW_SEQ,
QUEUE_MAP_RND # queue map random
QUEUE_MAP_CPU # queue map mirrors smp_processor_id()
- IPSEC # Make IPsec encapsulation for packet
+ UDPCSUM,
+ IPSEC # IPsec encapsulation (needs CONFIG_XFRM)
+ NODE_ALLOC # node specific memory allocation
pgset spi SPI_VALUE Set specific SA used to transform packet.
@@ -233,13 +238,22 @@ udp_dst_max
flag
IPSRC_RND
- TXSIZE_RND
IPDST_RND
UDPSRC_RND
UDPDST_RND
MACSRC_RND
MACDST_RND
+ TXSIZE_RND
+ IPV6
+ MPLS_RND
+ VID_RND
+ SVID_RND
+ FLOW_SEQ
+ QUEUE_MAP_RND
+ QUEUE_MAP_CPU
+ UDPCSUM
IPSEC
+ NODE_ALLOC
dst_min
dst_max
diff --git a/net/core/pktgen.c b/net/core/pktgen.c
index 53c3097117..d0dac57291 100644
--- a/net/core/pktgen.c
+++ b/net/core/pktgen.c
@@ -1247,7 +1247,13 @@ static ssize_t pktgen_if_write(struct file *file,
"Flag -:%s:- unknown\nAvailable flags, (prepend ! to un-set flag):\n%s",
f,
"IPSRC_RND, IPDST_RND, UDPSRC_RND, UDPDST_RND, "
- "MACSRC_RND, MACDST_RND, TXSIZE_RND, IPV6, MPLS_RND, VID_RND, SVID_RND, FLOW_SEQ, IPSEC, NODE_ALLOC\n");
+ "MACSRC_RND, MACDST_RND, TXSIZE_RND, IPV6, "
+ "MPLS_RND, VID_RND, SVID_RND, FLOW_SEQ, "
+ "QUEUE_MAP_RND, QUEUE_MAP_CPU, UDPCSUM, "
+#ifdef CONFIG_XFRM
+ "IPSEC, "
+#endif
+ "NODE_ALLOC\n");
return count;
}
sprintf(pg_result, "OK: flags=0x%x", pkt_dev->flags);
--
1.7.10.4
^ permalink raw reply related [flat|nested] 5+ messages in thread
* Re: [PATCH net-next 0/3] pktgen: small cleanups
2014-02-21 20:38 [PATCH net-next 0/3] pktgen: small cleanups Mathias Krause
` (2 preceding siblings ...)
2014-02-21 20:38 ` [PATCH net-next 3/3] pktgen: document all supported flags Mathias Krause
@ 2014-02-24 23:54 ` David Miller
3 siblings, 0 replies; 5+ messages in thread
From: David Miller @ 2014-02-24 23:54 UTC (permalink / raw)
To: minipli; +Cc: netdev
From: Mathias Krause <minipli@googlemail.com>
Date: Fri, 21 Feb 2014 21:38:33 +0100
> This series is just a set of small cleanups of pktgen code and
> documentation.
>
> Please apply!
Series applied, thank you.
^ permalink raw reply [flat|nested] 5+ messages in thread
end of thread, other threads:[~2014-02-24 23:54 UTC | newest]
Thread overview: 5+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2014-02-21 20:38 [PATCH net-next 0/3] pktgen: small cleanups Mathias Krause
2014-02-21 20:38 ` [PATCH net-next 1/3] pktgen: fix out-of-bounds access in pgctrl_write() Mathias Krause
2014-02-21 20:38 ` [PATCH net-next 2/3] pktgen: simplify error handling " Mathias Krause
2014-02-21 20:38 ` [PATCH net-next 3/3] pktgen: document all supported flags Mathias Krause
2014-02-24 23:54 ` [PATCH net-next 0/3] pktgen: small cleanups David Miller
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.