* [PATCH] nfc: nci: assert requested protocol is valid
@ 2023-09-06 23:33 Jeremy Cline
2023-09-07 6:24 ` Krzysztof Kozlowski
` (2 more replies)
0 siblings, 3 replies; 8+ messages in thread
From: Jeremy Cline @ 2023-09-06 23:33 UTC (permalink / raw)
To: Krzysztof Kozlowski
Cc: David S . Miller, Eric Dumazet, Jakub Kicinski, Paolo Abeni,
netdev, linux-kernel, Jeremy Cline, syzbot+0839b78e119aae1fec78
The protocol is used in a bit mask to determine if the protocol is
supported. Assert the provided protocol is less than the maximum
defined so it doesn't potentially perform a shift-out-of-bounds and
provide a clearer error for undefined protocols vs unsupported ones.
Fixes: 6a2968aaf50c ("NFC: basic NCI protocol implementation")
Reported-and-tested-by: syzbot+0839b78e119aae1fec78@syzkaller.appspotmail.com
Closes: https://syzkaller.appspot.com/bug?extid=0839b78e119aae1fec78
Signed-off-by: Jeremy Cline <jeremy@jcline.org>
---
net/nfc/nci/core.c | 5 +++++
1 file changed, 5 insertions(+)
diff --git a/net/nfc/nci/core.c b/net/nfc/nci/core.c
index fff755dde30d..6c9592d05120 100644
--- a/net/nfc/nci/core.c
+++ b/net/nfc/nci/core.c
@@ -909,6 +909,11 @@ static int nci_activate_target(struct nfc_dev *nfc_dev,
return -EINVAL;
}
+ if (protocol >= NFC_PROTO_MAX) {
+ pr_err("the requested nfc protocol is invalid\n");
+ return -EINVAL;
+ }
+
if (!(nci_target->supported_protocols & (1 << protocol))) {
pr_err("target does not support the requested protocol 0x%x\n",
protocol);
--
2.41.0
^ permalink raw reply related [flat|nested] 8+ messages in thread
* Re: [PATCH] nfc: nci: assert requested protocol is valid
2023-09-06 23:33 [PATCH] nfc: nci: assert requested protocol is valid Jeremy Cline
@ 2023-09-07 6:24 ` Krzysztof Kozlowski
2023-09-07 12:41 ` Jeremy Cline
2023-09-07 14:41 ` Simon Horman
2023-10-09 20:00 ` [PATCH v2 net] " Jeremy Cline
2 siblings, 1 reply; 8+ messages in thread
From: Krzysztof Kozlowski @ 2023-09-07 6:24 UTC (permalink / raw)
To: Jeremy Cline
Cc: David S . Miller, Eric Dumazet, Jakub Kicinski, Paolo Abeni,
netdev, linux-kernel, syzbot+0839b78e119aae1fec78, Hillf Danton
On 07/09/2023 01:33, Jeremy Cline wrote:
> The protocol is used in a bit mask to determine if the protocol is
> supported. Assert the provided protocol is less than the maximum
> defined so it doesn't potentially perform a shift-out-of-bounds and
> provide a clearer error for undefined protocols vs unsupported ones.
>
> Fixes: 6a2968aaf50c ("NFC: basic NCI protocol implementation")
> Reported-and-tested-by: syzbot+0839b78e119aae1fec78@syzkaller.appspotmail.com
> Closes: https://syzkaller.appspot.com/bug?extid=0839b78e119aae1fec78
> Signed-off-by: Jeremy Cline <jeremy@jcline.org>
> ---
> net/nfc/nci/core.c | 5 +++++
> 1 file changed, 5 insertions(+)
>
> diff --git a/net/nfc/nci/core.c b/net/nfc/nci/core.c
> index fff755dde30d..6c9592d05120 100644
> --- a/net/nfc/nci/core.c
> +++ b/net/nfc/nci/core.c
> @@ -909,6 +909,11 @@ static int nci_activate_target(struct nfc_dev *nfc_dev,
> return -EINVAL;
> }
>
> + if (protocol >= NFC_PROTO_MAX) {
> + pr_err("the requested nfc protocol is invalid\n");
> + return -EINVAL;
> + }
This looks OK, but I wonder if protocol 0 (so BIT(0) in the
supported_protocols) is a valid protocol. I looked at the code and it
was nowhere handled.
Original patch from Hilf Danton was also handling it (I wonder why Hilf
did not send his patch...)
https://syzkaller.appspot.com/bug?extid=0839b78e119aae1fec78
Best regards,
Krzysztof
^ permalink raw reply [flat|nested] 8+ messages in thread
* Re: [PATCH] nfc: nci: assert requested protocol is valid
2023-09-07 6:24 ` Krzysztof Kozlowski
@ 2023-09-07 12:41 ` Jeremy Cline
0 siblings, 0 replies; 8+ messages in thread
From: Jeremy Cline @ 2023-09-07 12:41 UTC (permalink / raw)
To: Krzysztof Kozlowski
Cc: David S . Miller, Eric Dumazet, Jakub Kicinski, Paolo Abeni,
netdev, linux-kernel, syzbot, Hillf Danton
Hi,
On Thu, Sep 7, 2023, at 2:24 AM, Krzysztof Kozlowski wrote:
> On 07/09/2023 01:33, Jeremy Cline wrote:
>> The protocol is used in a bit mask to determine if the protocol is
>> supported. Assert the provided protocol is less than the maximum
>> defined so it doesn't potentially perform a shift-out-of-bounds and
>> provide a clearer error for undefined protocols vs unsupported ones.
>>
>> Fixes: 6a2968aaf50c ("NFC: basic NCI protocol implementation")
>> Reported-and-tested-by: syzbot+0839b78e119aae1fec78@syzkaller.appspotmail.com
>> Closes: https://syzkaller.appspot.com/bug?extid=0839b78e119aae1fec78
>> Signed-off-by: Jeremy Cline <jeremy@jcline.org>
>> ---
>> net/nfc/nci/core.c | 5 +++++
>> 1 file changed, 5 insertions(+)
>>
>> diff --git a/net/nfc/nci/core.c b/net/nfc/nci/core.c
>> index fff755dde30d..6c9592d05120 100644
>> --- a/net/nfc/nci/core.c
>> +++ b/net/nfc/nci/core.c
>> @@ -909,6 +909,11 @@ static int nci_activate_target(struct nfc_dev *nfc_dev,
>> return -EINVAL;
>> }
>>
>> + if (protocol >= NFC_PROTO_MAX) {
>> + pr_err("the requested nfc protocol is invalid\n");
>> + return -EINVAL;
>> + }
>
> This looks OK, but I wonder if protocol 0 (so BIT(0) in the
> supported_protocols) is a valid protocol. I looked at the code and it
> was nowhere handled.
>
I did notice that the protocols started at 1, but I was not particularly confident in adding a check for 0 since I was concerned I might miss a subtle existing case of 0 being used somewhere, or that some time in the future a protocol 0 would be added (which seems weird, but weird things happen I suppose). If it is added in the future and there's a check here marking it invalid explicitly, it will trip up the developer briefly.
Since the next check in this function should still reject 0 with an -EINVAL the only downside to not checking is the different error message.
I personally lean towards letting the second check catch the 0 case, but as I'm not likely to be the person who has to deal with any of the downsides, I'm happy to do whatever you think is best.
Thanks,
Jeremy
^ permalink raw reply [flat|nested] 8+ messages in thread
* Re: [PATCH] nfc: nci: assert requested protocol is valid
2023-09-06 23:33 [PATCH] nfc: nci: assert requested protocol is valid Jeremy Cline
2023-09-07 6:24 ` Krzysztof Kozlowski
@ 2023-09-07 14:41 ` Simon Horman
2023-09-08 1:01 ` Jeremy Cline
2023-10-09 20:00 ` [PATCH v2 net] " Jeremy Cline
2 siblings, 1 reply; 8+ messages in thread
From: Simon Horman @ 2023-09-07 14:41 UTC (permalink / raw)
To: Jeremy Cline
Cc: Krzysztof Kozlowski, David S. Miller, Eric Dumazet,
Jakub Kicinski, Paolo Abeni, netdev, linux-kernel,
syzbot+0839b78e119aae1fec78, John W. Linville, Ilan Elias,
Dmitry Vyukov, Lin Ma
Cc "John W. Linville" <linville@tuxdriver.com>
Ilan Elias <ilane@ti.com>
Dmitry Vyukov <dvyukov@google.com>
Lin Ma <linma@zju.edu.cn>
On Wed, Sep 06, 2023 at 07:33:47PM -0400, Jeremy Cline wrote:
> The protocol is used in a bit mask to determine if the protocol is
> supported. Assert the provided protocol is less than the maximum
> defined so it doesn't potentially perform a shift-out-of-bounds and
> provide a clearer error for undefined protocols vs unsupported ones.
>
> Fixes: 6a2968aaf50c ("NFC: basic NCI protocol implementation")
> Reported-and-tested-by: syzbot+0839b78e119aae1fec78@syzkaller.appspotmail.com
> Closes: https://syzkaller.appspot.com/bug?extid=0839b78e119aae1fec78
> Signed-off-by: Jeremy Cline <jeremy@jcline.org>
Hi Jeremy,
As a bug fix, with a Fixes tag, I'm assuming that this targets 'net'.
As opposed to 'net-next'.
There is probably no need to repost for this, but in future please
bear in mind the practice of specifying the target tree in
the subject of Networking patches.
Subject: [PATCH net] ...
Also, please include addresses indicated by the following in the CC list.
get_maintainer.pl --min-percent 25 x.patch
The above notwithstanding, this looks good to me.
Reviewed-by: Simon Horman <horms@kernel.org>
> ---
> net/nfc/nci/core.c | 5 +++++
> 1 file changed, 5 insertions(+)
>
> diff --git a/net/nfc/nci/core.c b/net/nfc/nci/core.c
> index fff755dde30d..6c9592d05120 100644
> --- a/net/nfc/nci/core.c
> +++ b/net/nfc/nci/core.c
> @@ -909,6 +909,11 @@ static int nci_activate_target(struct nfc_dev *nfc_dev,
> return -EINVAL;
> }
>
> + if (protocol >= NFC_PROTO_MAX) {
> + pr_err("the requested nfc protocol is invalid\n");
> + return -EINVAL;
> + }
> +
> if (!(nci_target->supported_protocols & (1 << protocol))) {
> pr_err("target does not support the requested protocol 0x%x\n",
> protocol);
> --
> 2.41.0
>
>
^ permalink raw reply [flat|nested] 8+ messages in thread
* Re: [PATCH] nfc: nci: assert requested protocol is valid
2023-09-07 14:41 ` Simon Horman
@ 2023-09-08 1:01 ` Jeremy Cline
0 siblings, 0 replies; 8+ messages in thread
From: Jeremy Cline @ 2023-09-08 1:01 UTC (permalink / raw)
To: Simon Horman
Cc: Krzysztof Kozlowski, David S. Miller, Eric Dumazet,
Jakub Kicinski, Paolo Abeni, netdev, linux-kernel,
syzbot+0839b78e119aae1fec78, John W. Linville, Ilan Elias,
Dmitry Vyukov, Lin Ma
On Thu, Sep 07, 2023 at 04:41:12PM +0200, Simon Horman wrote:
> Cc "John W. Linville" <linville@tuxdriver.com>
> Ilan Elias <ilane@ti.com>
> Dmitry Vyukov <dvyukov@google.com>
> Lin Ma <linma@zju.edu.cn>
>
> On Wed, Sep 06, 2023 at 07:33:47PM -0400, Jeremy Cline wrote:
> > The protocol is used in a bit mask to determine if the protocol is
> > supported. Assert the provided protocol is less than the maximum
> > defined so it doesn't potentially perform a shift-out-of-bounds and
> > provide a clearer error for undefined protocols vs unsupported ones.
> >
> > Fixes: 6a2968aaf50c ("NFC: basic NCI protocol implementation")
> > Reported-and-tested-by: syzbot+0839b78e119aae1fec78@syzkaller.appspotmail.com
> > Closes: https://syzkaller.appspot.com/bug?extid=0839b78e119aae1fec78
> > Signed-off-by: Jeremy Cline <jeremy@jcline.org>
>
> Hi Jeremy,
>
> As a bug fix, with a Fixes tag, I'm assuming that this targets 'net'.
> As opposed to 'net-next'.
Yeah, that's fine, whatever the maintainers think is best works for me.
I'm an infrequent contributor, at best.
>
> There is probably no need to repost for this, but in future please
> bear in mind the practice of specifying the target tree in
> the subject of Networking patches.
>
> Subject: [PATCH net] ...
>
I'll try to keep that in mind if I send other Networking patches.
> Also, please include addresses indicated by the following in the CC list.
>
> get_maintainer.pl --min-percent 25 x.patch
>
Likewise I'll try to remember this particular version if I send any more
network patches.
> The above notwithstanding, this looks good to me.
>
> Reviewed-by: Simon Horman <horms@kernel.org>
>
Thanks!
- Jeremy
> > ---
> > net/nfc/nci/core.c | 5 +++++
> > 1 file changed, 5 insertions(+)
> >
> > diff --git a/net/nfc/nci/core.c b/net/nfc/nci/core.c
> > index fff755dde30d..6c9592d05120 100644
> > --- a/net/nfc/nci/core.c
> > +++ b/net/nfc/nci/core.c
> > @@ -909,6 +909,11 @@ static int nci_activate_target(struct nfc_dev *nfc_dev,
> > return -EINVAL;
> > }
> >
> > + if (protocol >= NFC_PROTO_MAX) {
> > + pr_err("the requested nfc protocol is invalid\n");
> > + return -EINVAL;
> > + }
> > +
> > if (!(nci_target->supported_protocols & (1 << protocol))) {
> > pr_err("target does not support the requested protocol 0x%x\n",
> > protocol);
> > --
> > 2.41.0
> >
> >
^ permalink raw reply [flat|nested] 8+ messages in thread
* [PATCH v2 net] nfc: nci: assert requested protocol is valid
2023-09-06 23:33 [PATCH] nfc: nci: assert requested protocol is valid Jeremy Cline
2023-09-07 6:24 ` Krzysztof Kozlowski
2023-09-07 14:41 ` Simon Horman
@ 2023-10-09 20:00 ` Jeremy Cline
2023-10-11 15:37 ` Simon Horman
2023-10-12 7:40 ` patchwork-bot+netdevbpf
2 siblings, 2 replies; 8+ messages in thread
From: Jeremy Cline @ 2023-10-09 20:00 UTC (permalink / raw)
To: Krzysztof Kozlowski
Cc: David S . Miller, Eric Dumazet, Jakub Kicinski, Paolo Abeni,
Dmitry Vyukov, Lin Ma, Ilan Elias, John W . Linville, netdev,
linux-kernel, Simon Horman, Jeremy Cline,
syzbot+0839b78e119aae1fec78
The protocol is used in a bit mask to determine if the protocol is
supported. Assert the provided protocol is less than the maximum
defined so it doesn't potentially perform a shift-out-of-bounds and
provide a clearer error for undefined protocols vs unsupported ones.
Fixes: 6a2968aaf50c ("NFC: basic NCI protocol implementation")
Reported-and-tested-by: syzbot+0839b78e119aae1fec78@syzkaller.appspotmail.com
Closes: https://syzkaller.appspot.com/bug?extid=0839b78e119aae1fec78
Signed-off-by: Jeremy Cline <jeremy@jcline.org>
---
Changes from v1:
- Target the correct tree (net)
net/nfc/nci/core.c | 5 +++++
1 file changed, 5 insertions(+)
diff --git a/net/nfc/nci/core.c b/net/nfc/nci/core.c
index fff755dde30d..6c9592d05120 100644
--- a/net/nfc/nci/core.c
+++ b/net/nfc/nci/core.c
@@ -909,6 +909,11 @@ static int nci_activate_target(struct nfc_dev *nfc_dev,
return -EINVAL;
}
+ if (protocol >= NFC_PROTO_MAX) {
+ pr_err("the requested nfc protocol is invalid\n");
+ return -EINVAL;
+ }
+
if (!(nci_target->supported_protocols & (1 << protocol))) {
pr_err("target does not support the requested protocol 0x%x\n",
protocol);
--
2.41.0
^ permalink raw reply related [flat|nested] 8+ messages in thread
* Re: [PATCH v2 net] nfc: nci: assert requested protocol is valid
2023-10-09 20:00 ` [PATCH v2 net] " Jeremy Cline
@ 2023-10-11 15:37 ` Simon Horman
2023-10-12 7:40 ` patchwork-bot+netdevbpf
1 sibling, 0 replies; 8+ messages in thread
From: Simon Horman @ 2023-10-11 15:37 UTC (permalink / raw)
To: Jeremy Cline
Cc: Krzysztof Kozlowski, David S . Miller, Eric Dumazet,
Jakub Kicinski, Paolo Abeni, Dmitry Vyukov, Lin Ma, Ilan Elias,
John W . Linville, netdev, linux-kernel,
syzbot+0839b78e119aae1fec78
On Mon, Oct 09, 2023 at 04:00:54PM -0400, Jeremy Cline wrote:
> The protocol is used in a bit mask to determine if the protocol is
> supported. Assert the provided protocol is less than the maximum
> defined so it doesn't potentially perform a shift-out-of-bounds and
> provide a clearer error for undefined protocols vs unsupported ones.
>
> Fixes: 6a2968aaf50c ("NFC: basic NCI protocol implementation")
> Reported-and-tested-by: syzbot+0839b78e119aae1fec78@syzkaller.appspotmail.com
> Closes: https://syzkaller.appspot.com/bug?extid=0839b78e119aae1fec78
> Signed-off-by: Jeremy Cline <jeremy@jcline.org>
As per my review of v1, this looks good to me.
Reviewed-by: Simon Horman <horms@kernel.org>
^ permalink raw reply [flat|nested] 8+ messages in thread
* Re: [PATCH v2 net] nfc: nci: assert requested protocol is valid
2023-10-09 20:00 ` [PATCH v2 net] " Jeremy Cline
2023-10-11 15:37 ` Simon Horman
@ 2023-10-12 7:40 ` patchwork-bot+netdevbpf
1 sibling, 0 replies; 8+ messages in thread
From: patchwork-bot+netdevbpf @ 2023-10-12 7:40 UTC (permalink / raw)
To: Jeremy Cline
Cc: krzysztof.kozlowski, davem, edumazet, kuba, pabeni, dvyukov,
linma, ilane, linville, netdev, linux-kernel, horms,
syzbot+0839b78e119aae1fec78
Hello:
This patch was applied to netdev/net.git (main)
by Paolo Abeni <pabeni@redhat.com>:
On Mon, 9 Oct 2023 16:00:54 -0400 you wrote:
> The protocol is used in a bit mask to determine if the protocol is
> supported. Assert the provided protocol is less than the maximum
> defined so it doesn't potentially perform a shift-out-of-bounds and
> provide a clearer error for undefined protocols vs unsupported ones.
>
> Fixes: 6a2968aaf50c ("NFC: basic NCI protocol implementation")
> Reported-and-tested-by: syzbot+0839b78e119aae1fec78@syzkaller.appspotmail.com
> Closes: https://syzkaller.appspot.com/bug?extid=0839b78e119aae1fec78
> Signed-off-by: Jeremy Cline <jeremy@jcline.org>
>
> [...]
Here is the summary with links:
- [v2,net] nfc: nci: assert requested protocol is valid
https://git.kernel.org/netdev/net/c/354a6e707e29
You are awesome, thank you!
--
Deet-doot-dot, I am a bot.
https://korg.docs.kernel.org/patchwork/pwbot.html
^ permalink raw reply [flat|nested] 8+ messages in thread
end of thread, other threads:[~2023-10-12 7:40 UTC | newest]
Thread overview: 8+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2023-09-06 23:33 [PATCH] nfc: nci: assert requested protocol is valid Jeremy Cline
2023-09-07 6:24 ` Krzysztof Kozlowski
2023-09-07 12:41 ` Jeremy Cline
2023-09-07 14:41 ` Simon Horman
2023-09-08 1:01 ` Jeremy Cline
2023-10-09 20:00 ` [PATCH v2 net] " Jeremy Cline
2023-10-11 15:37 ` Simon Horman
2023-10-12 7:40 ` patchwork-bot+netdevbpf
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.