diff mbox series

[ipsec-next] xfrm: delete not-needed clear to zero of encap_oa

Message ID 1ed3e00428a0036bdea14eb4f5a45706a89f11eb.1685952635.git.leon@kernel.org (mailing list archive)
State Superseded
Delegated to: Netdev Maintainers
Headers show
Series [ipsec-next] xfrm: delete not-needed clear to zero of encap_oa | expand

Checks

Context Check Description
netdev/series_format warning Single patches do not need cover letters; Target tree name not specified in the subject
netdev/tree_selection success Guessed tree name to be net-next
netdev/fixes_present success Fixes tag not required for -next series
netdev/header_inline success No static functions without inline keyword in header files
netdev/build_32bit success Errors and warnings before: 23 this patch: 23
netdev/cc_maintainers success CCed 7 of 7 maintainers
netdev/build_clang success Errors and warnings before: 8 this patch: 8
netdev/verify_signedoff success Signed-off-by tag matches author and committer
netdev/deprecated_api success None detected
netdev/check_selftest success No net selftest shell script
netdev/verify_fixes success No Fixes tag
netdev/build_allmodconfig_warn success Errors and warnings before: 23 this patch: 23
netdev/checkpatch success total: 0 errors, 0 warnings, 0 checks, 14 lines checked
netdev/kdoc success Errors and warnings before: 0 this patch: 0
netdev/source_inline success Was 0 now: 0

Commit Message

Leon Romanovsky June 5, 2023, 8:11 a.m. UTC 
From: Leon Romanovsky <leonro@nvidia.com>

After commit 2f4796518315 ("af_key: Fix heap information leak"), there is
no need to clear encap_oa again as it is already initialized to zero.

Signed-off-by: Leon Romanovsky <leonro@nvidia.com>
---
 net/key/af_key.c     | 1 -
 net/xfrm/xfrm_user.c | 1 -
 2 files changed, 2 deletions(-)

Comments

Herbert Xu June 5, 2023, 8:30 a.m. UTC | #1 
On Mon, Jun 05, 2023 at 11:11:51AM +0300, Leon Romanovsky wrote:
>
> diff --git a/net/xfrm/xfrm_user.c b/net/xfrm/xfrm_user.c
> index c34a2a06ca94..ec713db148f3 100644
> --- a/net/xfrm/xfrm_user.c
> +++ b/net/xfrm/xfrm_user.c
> @@ -1077,7 +1077,6 @@ static int copy_to_user_encap(struct xfrm_encap_tmpl *ep, struct sk_buff *skb)
>  	uep->encap_type = ep->encap_type;
>  	uep->encap_sport = ep->encap_sport;
>  	uep->encap_dport = ep->encap_dport;
> -	uep->encap_oa = ep->encap_oa;

Where is the justification for this?

Cheers,
Leon Romanovsky June 5, 2023, 8:34 a.m. UTC | #2 
On Mon, Jun 05, 2023 at 04:30:47PM +0800, Herbert Xu wrote:
> On Mon, Jun 05, 2023 at 11:11:51AM +0300, Leon Romanovsky wrote:
> >
> > diff --git a/net/xfrm/xfrm_user.c b/net/xfrm/xfrm_user.c
> > index c34a2a06ca94..ec713db148f3 100644
> > --- a/net/xfrm/xfrm_user.c
> > +++ b/net/xfrm/xfrm_user.c
> > @@ -1077,7 +1077,6 @@ static int copy_to_user_encap(struct xfrm_encap_tmpl *ep, struct sk_buff *skb)
> >  	uep->encap_type = ep->encap_type;
> >  	uep->encap_sport = ep->encap_sport;
> >  	uep->encap_dport = ep->encap_dport;
> > -	uep->encap_oa = ep->encap_oa;
> 
> Where is the justification for this?

The line "memset(&natt->encap_oa, 0, sizeof(natt->encap_oa));" deleted
in this patch was the last reference to encap_oa.

Thanks

> 
> Cheers,
> -- 
> Email: Herbert Xu <herbert@gondor.apana.org.au>
> Home Page: http://gondor.apana.org.au/~herbert/
> PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
Herbert Xu June 5, 2023, 8:36 a.m. UTC | #3 
On Mon, Jun 05, 2023 at 11:34:56AM +0300, Leon Romanovsky wrote:
>
> The line "memset(&natt->encap_oa, 0, sizeof(natt->encap_oa));" deleted
> in this patch was the last reference to encap_oa.

I don't see the point since you're not removing the actual encap_oa
field.

Cheers,
Leon Romanovsky June 5, 2023, 8:48 a.m. UTC | #4 
On Mon, Jun 05, 2023 at 04:36:31PM +0800, Herbert Xu wrote:
> On Mon, Jun 05, 2023 at 11:34:56AM +0300, Leon Romanovsky wrote:
> >
> > The line "memset(&natt->encap_oa, 0, sizeof(natt->encap_oa));" deleted
> > in this patch was the last reference to encap_oa.
> 
> I don't see the point since you're not removing the actual encap_oa
> field.

It is impossible to remove encap_oa because it is declared as UAPI.

Unless you want to support some out-of-tree code, uep->encap_oa will
be always zero.

Thanks

> 
> Cheers,
> -- 
> Email: Herbert Xu <herbert@gondor.apana.org.au>
> Home Page: http://gondor.apana.org.au/~herbert/
> PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
Herbert Xu June 5, 2023, 8:50 a.m. UTC | #5 
On Mon, Jun 05, 2023 at 11:48:29AM +0300, Leon Romanovsky wrote:
>
> It is impossible to remove encap_oa because it is declared as UAPI.
> 
> Unless you want to support some out-of-tree code, uep->encap_oa will
> be always zero.

No we should keep it.  This has been a wart on our stack as it
basically breaks down when the peer shifts addresses.  We should
start using encap_oa in some way and fix this.

Cheers,
Leon Romanovsky June 5, 2023, 10:05 a.m. UTC | #6 
On Mon, Jun 05, 2023 at 04:50:55PM +0800, Herbert Xu wrote:
> On Mon, Jun 05, 2023 at 11:48:29AM +0300, Leon Romanovsky wrote:
> >
> > It is impossible to remove encap_oa because it is declared as UAPI.
> > 
> > Unless you want to support some out-of-tree code, uep->encap_oa will
> > be always zero.
> 
> No we should keep it.  This has been a wart on our stack as it
> basically breaks down when the peer shifts addresses.  We should
> start using encap_oa in some way and fix this.

ok, I'll drop the disputed line from commit and resubmit.

Thanks

> 
> Cheers,
> -- 
> Email: Herbert Xu <herbert@gondor.apana.org.au>
> Home Page: http://gondor.apana.org.au/~herbert/
> PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
diff mbox series

Patch

diff --git a/net/key/af_key.c b/net/key/af_key.c
index 31ab12fd720a..14e891ebde61 100644
--- a/net/key/af_key.c
+++ b/net/key/af_key.c
@@ -1281,7 +1281,6 @@  static struct xfrm_state * pfkey_msg2xfrm_state(struct net *net,
 				ext_hdrs[SADB_X_EXT_NAT_T_DPORT-1];
 			natt->encap_dport = n_port->sadb_x_nat_t_port_port;
 		}
-		memset(&natt->encap_oa, 0, sizeof(natt->encap_oa));
 	}
 
 	err = xfrm_init_state(x);
diff --git a/net/xfrm/xfrm_user.c b/net/xfrm/xfrm_user.c
index c34a2a06ca94..ec713db148f3 100644
--- a/net/xfrm/xfrm_user.c
+++ b/net/xfrm/xfrm_user.c
@@ -1077,7 +1077,6 @@  static int copy_to_user_encap(struct xfrm_encap_tmpl *ep, struct sk_buff *skb)
 	uep->encap_type = ep->encap_type;
 	uep->encap_sport = ep->encap_sport;
 	uep->encap_dport = ep->encap_dport;
-	uep->encap_oa = ep->encap_oa;
 
 	return 0;
 }