[net-next,v1] neighbour: complement nl_ntbl_parm_policy

Message ID	20240119070847.5402-1-linma@zju.edu.cn (mailing list archive)
State	Deferred
Delegated to:	Netdev Maintainers
Headers	show Received: from azure-sdnproxy.icoremail.net (azure-sdnproxy.icoremail.net [20.231.56.155]) by smtp.subspace.kernel.org (Postfix) with ESMTP id CD352186F; Fri, 19 Jan 2024 07:09:07 +0000 (UTC) From: Lin Ma <linma@zju.edu.cn> To: davem@davemloft.net, edumazet@google.com, kuba@kernel.org, pabeni@redhat.com, dsahern@kernel.org, razor@blackwall.org, leon@kernel.org, linma@zju.edu.cn, haleyb.dev@gmail.com, ja@ssi.bg, judyhsiao@chromium.org, netdev@vger.kernel.org, linux-kernel@vger.kernel.org Subject: [PATCH net-next v1] neighbour: complement nl_ntbl_parm_policy Date: Fri, 19 Jan 2024 15:08:47 +0800 Message-Id: <20240119070847.5402-1-linma@zju.edu.cn> Precedence: bulk MIME-Version: 1.0 Content-Transfer-Encoding: 8bit
Series	[net-next,v1] neighbour: complement nl_ntbl_parm_policy \| expand [net-next,v1] neighbour: complement nl_ntbl_parm_policy

Context	Check	Description
netdev/series_format	success	Single patches do not need cover letters
netdev/tree_selection	success	Clearly marked for net-next
netdev/ynl	success	Generated files up to date; no warnings/errors; no diff in generated;
netdev/fixes_present	success	Fixes tag not required for -next series
netdev/header_inline	success	No static functions without inline keyword in header files
netdev/build_32bit	fail	Errors and warnings before: 1081 this patch: 17
netdev/cc_maintainers	success	CCed 0 of 0 maintainers
netdev/build_clang	fail	Errors and warnings before: 1096 this patch: 16
netdev/verify_signedoff	success	Signed-off-by tag matches author and committer
netdev/deprecated_api	success	None detected
netdev/check_selftest	success	No net selftest shell script
netdev/verify_fixes	success	No Fixes tag
netdev/build_allmodconfig_warn	fail	Errors and warnings before: 1099 this patch: 17
netdev/checkpatch	success	total: 0 errors, 0 warnings, 0 checks, 7 lines checked
netdev/build_clang_rust	success	No Rust files in patch. Skipping build
netdev/kdoc	success	Errors and warnings before: 0 this patch: 0
netdev/source_inline	success	Was 0 now: 0

Lin Ma Jan. 19, 2024, 7:08 a.m. UTC

In the neightbl_set function, the attributes array is parsed and validated
using the nl_ntbl_parm_policy policy. However, this policy overlooks the
NDTPA_QUEUE_LENBYTES attribute since the commit 6b3f8674bccb ("[NEIGH]:
Convert neighbour table modification to new netlink api").
As a result, no validation is performed when accessing the
NDTPA_QUEUE_LENBYTES attribute.

This patch addresses this issue by complementing the policy to ensure that
every attribute being accessed is properly validated.

Signed-off-by: Lin Ma <linma@zju.edu.cn>
---
 net/core/neighbour.c | 1 +
 1 file changed, 1 insertion(+)

Simon Horman Jan. 19, 2024, 7:50 p.m. UTC | #1

On Fri, Jan 19, 2024 at 03:08:47PM +0800, Lin Ma wrote:
> In the neightbl_set function, the attributes array is parsed and validated
> using the nl_ntbl_parm_policy policy. However, this policy overlooks the
> NDTPA_QUEUE_LENBYTES attribute since the commit 6b3f8674bccb ("[NEIGH]:
> Convert neighbour table modification to new netlink api").
> As a result, no validation is performed when accessing the
> NDTPA_QUEUE_LENBYTES attribute.
> 
> This patch addresses this issue by complementing the policy to ensure that
> every attribute being accessed is properly validated.
> 
> Signed-off-by: Lin Ma <linma@zju.edu.cn>
> ---
>  net/core/neighbour.c | 1 +
>  1 file changed, 1 insertion(+)
> 
> diff --git a/net/core/neighbour.c b/net/core/neighbour.c
> index 552719c3bbc3..ece0447cf409 100644
> --- a/net/core/neighbour.c
> +++ b/net/core/neighbour.c
> @@ -2293,6 +2293,7 @@ static const struct nla_policy nl_neightbl_policy[NDTA_MAX+1] = {
>  static const struct nla_policy nl_ntbl_parm_policy[NDTPA_MAX+1] = {
>  	[NDTPA_IFINDEX]			= { .type = NLA_U32 },
>  	[NDTPA_QUEUE_LEN]		= { .type = NLA_U32 },
> +	[NPTPA_QUEUE_LEN_BYTES]         = { .type = NLA_U32 },

This does not compile because NPTPA_QUEUE_LEN_BYTES is
not present in net-next.

>  	[NDTPA_PROXY_QLEN]		= { .type = NLA_U32 },
>  	[NDTPA_APP_PROBES]		= { .type = NLA_U32 },
>  	[NDTPA_UCAST_PROBES]		= { .type = NLA_U32 },


## Form letter - net-next-closed

[adapted from text by Jakub]

The merge window for v6.8 has begun and therefore net-next is closed
for new drivers, features, code refactoring and optimizations.
We are currently accepting bug fixes only.

Please repost when net-next reopens on or after 22nd January.

RFC patches sent for review only are obviously welcome at any time.

See: https://www.kernel.org/doc/html/next/process/maintainer-netdev.html#development-cycle
--
pw-bot: defer

kernel test robot Jan. 19, 2024, 11:37 p.m. UTC | #2

Hi Lin,

kernel test robot noticed the following build errors:

[auto build test ERROR on net-next/main]

url:    https://github.com/intel-lab-lkp/linux/commits/Lin-Ma/neighbour-complement-nl_ntbl_parm_policy/20240119-151255
base:   net-next/main
patch link:    https://lore.kernel.org/r/20240119070847.5402-1-linma%40zju.edu.cn
patch subject: [PATCH net-next v1] neighbour: complement nl_ntbl_parm_policy
config: arm-randconfig-001-20240120 (https://download.01.org/0day-ci/archive/20240120/202401200717.gbJdfFML-lkp@intel.com/config)
compiler: clang version 18.0.0git (https://github.com/llvm/llvm-project d92ce344bf641e6bb025b41b3f1a77dd25e2b3e9)
reproduce (this is a W=1 build): (https://download.01.org/0day-ci/archive/20240120/202401200717.gbJdfFML-lkp@intel.com/reproduce)

If you fix the issue in a separate patch/commit (i.e. not just a new version of
the same patch/commit), kindly add following tags
| Reported-by: kernel test robot <lkp@intel.com>
| Closes: https://lore.kernel.org/oe-kbuild-all/202401200717.gbJdfFML-lkp@intel.com/

All errors (new ones prefixed by >>):

>> net/core/neighbour.c:2296:3: error: use of undeclared identifier 'NPTPA_QUEUE_LEN_BYTES'; did you mean 'NDTPA_QUEUE_LENBYTES'?
    2296 |         [NPTPA_QUEUE_LEN_BYTES]         = { .type = NLA_U32 },
         |          ^~~~~~~~~~~~~~~~~~~~~
         |          NDTPA_QUEUE_LENBYTES
   include/uapi/linux/neighbour.h:160:2: note: 'NDTPA_QUEUE_LENBYTES' declared here
     160 |         NDTPA_QUEUE_LENBYTES,           /* u32 */
         |         ^
   1 error generated.


vim +2296 net/core/neighbour.c

  2292	
  2293	static const struct nla_policy nl_ntbl_parm_policy[NDTPA_MAX+1] = {
  2294		[NDTPA_IFINDEX]			= { .type = NLA_U32 },
  2295		[NDTPA_QUEUE_LEN]		= { .type = NLA_U32 },
> 2296		[NPTPA_QUEUE_LEN_BYTES]         = { .type = NLA_U32 },
  2297		[NDTPA_PROXY_QLEN]		= { .type = NLA_U32 },
  2298		[NDTPA_APP_PROBES]		= { .type = NLA_U32 },
  2299		[NDTPA_UCAST_PROBES]		= { .type = NLA_U32 },
  2300		[NDTPA_MCAST_PROBES]		= { .type = NLA_U32 },
  2301		[NDTPA_MCAST_REPROBES]		= { .type = NLA_U32 },
  2302		[NDTPA_BASE_REACHABLE_TIME]	= { .type = NLA_U64 },
  2303		[NDTPA_GC_STALETIME]		= { .type = NLA_U64 },
  2304		[NDTPA_DELAY_PROBE_TIME]	= { .type = NLA_U64 },
  2305		[NDTPA_RETRANS_TIME]		= { .type = NLA_U64 },
  2306		[NDTPA_ANYCAST_DELAY]		= { .type = NLA_U64 },
  2307		[NDTPA_PROXY_DELAY]		= { .type = NLA_U64 },
  2308		[NDTPA_LOCKTIME]		= { .type = NLA_U64 },
  2309		[NDTPA_INTERVAL_PROBE_TIME_MS]	= { .type = NLA_U64, .min = 1 },
  2310	};
  2311

Lin Ma Jan. 20, 2024, 12:53 a.m. UTC | #3

Hello Simon,

> On Fri, Jan 19, 2024 at 03:08:47PM +0800, Lin Ma wrote:
> > In the neightbl_set function, the attributes array is parsed and validated
> > using the nl_ntbl_parm_policy policy. However, this policy overlooks the
> > NDTPA_QUEUE_LENBYTES attribute since the commit 6b3f8674bccb ("[NEIGH]:
> > Convert neighbour table modification to new netlink api").
> > As a result, no validation is performed when accessing the
> > NDTPA_QUEUE_LENBYTES attribute.
> > 
> > This patch addresses this issue by complementing the policy to ensure that
> > every attribute being accessed is properly validated.
> > 
> > Signed-off-by: Lin Ma <linma@zju.edu.cn>
> > ---
> >  net/core/neighbour.c | 1 +
> >  1 file changed, 1 insertion(+)
> > 
> > diff --git a/net/core/neighbour.c b/net/core/neighbour.c
> > index 552719c3bbc3..ece0447cf409 100644
> > --- a/net/core/neighbour.c
> > +++ b/net/core/neighbour.c
> > @@ -2293,6 +2293,7 @@ static const struct nla_policy nl_neightbl_policy[NDTA_MAX+1] = {
> >  static const struct nla_policy nl_ntbl_parm_policy[NDTPA_MAX+1] = {
> >  	[NDTPA_IFINDEX]			= { .type = NLA_U32 },
> >  	[NDTPA_QUEUE_LEN]		= { .type = NLA_U32 },
> > +	[NPTPA_QUEUE_LEN_BYTES]         = { .type = NLA_U32 },
> 
> This does not compile because NPTPA_QUEUE_LEN_BYTES is
> not present in net-next.
> 
> >  	[NDTPA_PROXY_QLEN]		= { .type = NLA_U32 },
> >  	[NDTPA_APP_PROBES]		= { .type = NLA_U32 },
> >  	[NDTPA_UCAST_PROBES]		= { .type = NLA_U32 },
> 
> 
> ## Form letter - net-next-closed
> 
> [adapted from text by Jakub]
> 
> The merge window for v6.8 has begun and therefore net-next is closed
> for new drivers, features, code refactoring and optimizations.
> We are currently accepting bug fixes only.
> 
> Please repost when net-next reopens on or after 22nd January.
> 
> RFC patches sent for review only are obviously welcome at any time.
> 
> See: https://www.kernel.org/doc/html/next/process/maintainer-netdev.html#development-cycle
> --
> pw-bot: defer

My bad, I prepare this patch on the linux-stable tree and never thought this would happen.
Will also compile on the right tree next time.

So should I send this to net which has this attribute or something?

Thanks are really Sorry
Lin

Simon Horman Jan. 20, 2024, 11:41 a.m. UTC | #4

On Sat, Jan 20, 2024 at 08:53:50AM +0800, Lin Ma wrote:
> Hello Simon,

...

> My bad, I prepare this patch on the linux-stable tree and never thought this would happen.
> Will also compile on the right tree next time.
> 
> So should I send this to net which has this attribute or something?

Hi Lin Ma,

If it is a fix for net, then it should be based on net and targeted at net.

	Subject: [PATCH net] ...

Else, it should be based on and targeted at net-next.

Either way, I think reposting is a good idea.
Although in the net-next case, please note that it is closed,
so please wait for it to reopen before posting patches for it.
It is likely to reopen next week.

Does that help?

kernel test robot Jan. 20, 2024, 3:11 p.m. UTC | #5

Hi Lin,

kernel test robot noticed the following build errors:

[auto build test ERROR on net-next/main]

url:    https://github.com/intel-lab-lkp/linux/commits/Lin-Ma/neighbour-complement-nl_ntbl_parm_policy/20240119-151255
base:   net-next/main
patch link:    https://lore.kernel.org/r/20240119070847.5402-1-linma%40zju.edu.cn
patch subject: [PATCH net-next v1] neighbour: complement nl_ntbl_parm_policy
config: m68k-allmodconfig (https://download.01.org/0day-ci/archive/20240120/202401202347.sHNru6Y6-lkp@intel.com/config)
compiler: m68k-linux-gcc (GCC) 13.2.0
reproduce (this is a W=1 build): (https://download.01.org/0day-ci/archive/20240120/202401202347.sHNru6Y6-lkp@intel.com/reproduce)

If you fix the issue in a separate patch/commit (i.e. not just a new version of
the same patch/commit), kindly add following tags
| Reported-by: kernel test robot <lkp@intel.com>
| Closes: https://lore.kernel.org/oe-kbuild-all/202401202347.sHNru6Y6-lkp@intel.com/

All errors (new ones prefixed by >>):

>> net/core/neighbour.c:2296:10: error: 'NPTPA_QUEUE_LEN_BYTES' undeclared here (not in a function); did you mean 'NDTPA_QUEUE_LENBYTES'?
    2296 |         [NPTPA_QUEUE_LEN_BYTES]         = { .type = NLA_U32 },
         |          ^~~~~~~~~~~~~~~~~~~~~
         |          NDTPA_QUEUE_LENBYTES
>> net/core/neighbour.c:2296:10: error: array index in initializer not of integer type
   net/core/neighbour.c:2296:10: note: (near initialization for 'nl_ntbl_parm_policy')
   net/core/neighbour.c:2298:43: warning: initialized field overwritten [-Woverride-init]
    2298 |         [NDTPA_APP_PROBES]              = { .type = NLA_U32 },
         |                                           ^
   net/core/neighbour.c:2298:43: note: (near initialization for 'nl_ntbl_parm_policy[9]')


vim +2296 net/core/neighbour.c

  2292	
  2293	static const struct nla_policy nl_ntbl_parm_policy[NDTPA_MAX+1] = {
  2294		[NDTPA_IFINDEX]			= { .type = NLA_U32 },
  2295		[NDTPA_QUEUE_LEN]		= { .type = NLA_U32 },
> 2296		[NPTPA_QUEUE_LEN_BYTES]         = { .type = NLA_U32 },
  2297		[NDTPA_PROXY_QLEN]		= { .type = NLA_U32 },
  2298		[NDTPA_APP_PROBES]		= { .type = NLA_U32 },
  2299		[NDTPA_UCAST_PROBES]		= { .type = NLA_U32 },
  2300		[NDTPA_MCAST_PROBES]		= { .type = NLA_U32 },
  2301		[NDTPA_MCAST_REPROBES]		= { .type = NLA_U32 },
  2302		[NDTPA_BASE_REACHABLE_TIME]	= { .type = NLA_U64 },
  2303		[NDTPA_GC_STALETIME]		= { .type = NLA_U64 },
  2304		[NDTPA_DELAY_PROBE_TIME]	= { .type = NLA_U64 },
  2305		[NDTPA_RETRANS_TIME]		= { .type = NLA_U64 },
  2306		[NDTPA_ANYCAST_DELAY]		= { .type = NLA_U64 },
  2307		[NDTPA_PROXY_DELAY]		= { .type = NLA_U64 },
  2308		[NDTPA_LOCKTIME]		= { .type = NLA_U64 },
  2309		[NDTPA_INTERVAL_PROBE_TIME_MS]	= { .type = NLA_U64, .min = 1 },
  2310	};
  2311

[net-next,v1] neighbour: complement nl_ntbl_parm_policy

Checks

Commit Message

Comments

Patch