All of lore.kernel.org
 help / color / mirror / Atom feed
* [bug report] net: fix dev_ifsioc_locked() race condition
@ 2021-02-16 19:38 Dan Carpenter
  2021-02-16 19:52 ` Cong Wang
  0 siblings, 1 reply; 2+ messages in thread
From: Dan Carpenter @ 2021-02-16 19:38 UTC (permalink / raw)
  To: cong.wang; +Cc: netdev

Hello Cong Wang,

The patch 3b23a32a6321: "net: fix dev_ifsioc_locked() race condition"
from Feb 11, 2021, leads to the following static checker warning:

	drivers/net/tap.c:1095 tap_ioctl()
	warn: check that 'sa.sa_family' doesn't leak information

drivers/net/tap.c
  1084  
  1085          case SIOCGIFHWADDR:
  1086                  rtnl_lock();
  1087                  tap = tap_get_tap_dev(q);
  1088                  if (!tap) {
  1089                          rtnl_unlock();
  1090                          return -ENOLINK;
  1091                  }
  1092                  ret = 0;
  1093                  dev_get_mac_address(&sa, dev_net(tap->dev), tap->dev->name);

How do you want to handle errors from dev_get_mac_address()?

  1094                  if (copy_to_user(&ifr->ifr_name, tap->dev->name, IFNAMSIZ) ||
  1095                      copy_to_user(&ifr->ifr_hwaddr, &sa, sizeof(sa)))
  1096                          ret = -EFAULT;
  1097                  tap_put_tap_dev(tap);
  1098                  rtnl_unlock();
  1099                  return ret;
  1100  

regards,
dan carpenter

^ permalink raw reply	[flat|nested] 2+ messages in thread
* Re: [bug report] net: fix dev_ifsioc_locked() race condition
  2021-02-16 19:38 [bug report] net: fix dev_ifsioc_locked() race condition Dan Carpenter
@ 2021-02-16 19:52 ` Cong Wang
  0 siblings, 0 replies; 2+ messages in thread
From: Cong Wang @ 2021-02-16 19:52 UTC (permalink / raw)
  To: Dan Carpenter; +Cc: Cong Wang ., Linux Kernel Network Developers

On Tue, Feb 16, 2021 at 11:40 AM Dan Carpenter <dan.carpenter@oracle.com> wrote:
>
> Hello Cong Wang,
>
> The patch 3b23a32a6321: "net: fix dev_ifsioc_locked() race condition"
> from Feb 11, 2021, leads to the following static checker warning:
>
>         drivers/net/tap.c:1095 tap_ioctl()
>         warn: check that 'sa.sa_family' doesn't leak information
>
> drivers/net/tap.c
>   1084
>   1085          case SIOCGIFHWADDR:
>   1086                  rtnl_lock();
>   1087                  tap = tap_get_tap_dev(q);
>   1088                  if (!tap) {
>   1089                          rtnl_unlock();
>   1090                          return -ENOLINK;
>   1091                  }
>   1092                  ret = 0;
>   1093                  dev_get_mac_address(&sa, dev_net(tap->dev), tap->dev->name);
>
> How do you want to handle errors from dev_get_mac_address()?

I did have a check there but it turns out unnecessary, because the only
error can happen is when the device name is not found, but here
we already have tap->dev, therefore its name is always there and valid.

Thanks.

^ permalink raw reply	[flat|nested] 2+ messages in thread
end of thread, other threads:[~2021-02-16 19:53 UTC | newest]

Thread overview: 2+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2021-02-16 19:38 [bug report] net: fix dev_ifsioc_locked() race condition Dan Carpenter
2021-02-16 19:52 ` Cong Wang

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.