From patchwork Mon Feb  3 17:01:51 2025
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Peter Seiderer <ps.report@gmx.net>
X-Patchwork-Id: 13957846
Received: from mout.gmx.net (mout.gmx.net [212.227.15.15])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by smtp.subspace.kernel.org (Postfix) with ESMTPS id 1BD6720C497;
	Mon,  3 Feb 2025 17:02:34 +0000 (UTC)
Authentication-Results: smtp.subspace.kernel.org;
 arc=none smtp.client-ip=212.227.15.15
ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116;
	t=1738602157; cv=none;
 b=OnXXbEk3fe7nLXqP/aA/cAH+KubcXKzbXRVniOquqI1tMoVzwsEkhrQdhNOjfoZzMOXopMFp2EF+s9I/EVL6CaNDOgIktzjxVY4ZaO0h1/g6U8nVGFrB3S6lIMAJuYqXogZubT0IxPO5bc8ATP6l0DTm36p++TaVQntJ9/JeIso=
ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org;
	s=arc-20240116; t=1738602157; c=relaxed/simple;
	bh=5LzS1bc78hP3d8N4okfclvCG6DueFQ3T5PEURFGQ9pE=;
	h=From:To:Cc:Subject:Date:Message-ID:MIME-Version;
 b=g3++1opA00YAmR/1dh6mnc6Rhm2MtKcyWeie+VuVx07xzRve+KKg92G27heDIjppAx317/LIqVubBMPEwOj2x64dzHREXFwQzqCa5bo5wiWGkN1l8FlyDC4MVc1+g42ErfoQM6NOerOhtY/vrcGa6wwf3WZ1bOR50O9D/ETbvBA=
ARC-Authentication-Results: i=1; smtp.subspace.kernel.org;
 dmarc=pass (p=quarantine dis=none) header.from=gmx.net;
 spf=pass smtp.mailfrom=gmx.net;
 dkim=pass (2048-bit key) header.d=gmx.net header.i=ps.report@gmx.net
 header.b=Lsn+fBI+; arc=none smtp.client-ip=212.227.15.15
Authentication-Results: smtp.subspace.kernel.org;
 dmarc=pass (p=quarantine dis=none) header.from=gmx.net
Authentication-Results: smtp.subspace.kernel.org;
 spf=pass smtp.mailfrom=gmx.net
Authentication-Results: smtp.subspace.kernel.org;
	dkim=pass (2048-bit key) header.d=gmx.net header.i=ps.report@gmx.net
 header.b="Lsn+fBI+"
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmx.net;
	s=s31663417; t=1738602148; x=1739206948; i=ps.report@gmx.net;
	bh=5LzS1bc78hP3d8N4okfclvCG6DueFQ3T5PEURFGQ9pE=;
	h=X-UI-Sender-Class:From:To:Cc:Subject:Date:Message-ID:
	 MIME-Version:Content-Transfer-Encoding:cc:
	 content-transfer-encoding:content-type:date:from:message-id:
	 mime-version:reply-to:subject:to;
	b=Lsn+fBI+JwHUWXYm29jNCI1ph9lB/S+d1ZY3nL1IEEbPpLbiKRrDpaxs6LixdQ6K
	 5Exfx7v0KxT/7grkde7bF2+sL4MiyZDq5zi384ohZW1nbVQBVmhn0E+IpIxOl5H8p
	 yms3DFgkkGf+odhRZYfCxrAkSh7yhbSINInqTIEMoAa6PXsrB/EudGo6PF4YlqtOY
	 nbVFV4n5ExgmUON9PdJevURrXbi+XnpQpQD7Dw8dtGSLpO4huXTSPsX2Fas8SW8s1
	 KZOkFZyw9atENHChSY4qnZM7Npxx8E3eM3hDsLumS6SMMOLF65DUvM+be7+3TwseD
	 3yNa3aqCOOE6UIetzQ==
X-UI-Sender-Class: 724b4f7f-cbec-4199-ad4e-598c01a50d3a
Received: from localhost.fritz.box ([82.135.81.54]) by mail.gmx.net (mrgmx005
 [212.227.17.190]) with ESMTPSA (Nemesis) id 1N1wlv-1tGqF847rN-00yL5F; Mon, 03
 Feb 2025 18:02:28 +0100
From: Peter Seiderer <ps.report@gmx.net>
To: netdev@vger.kernel.org
Cc: linux-kernel@vger.kernel.org,
	linux-kselftest@vger.kernel.org,
	"David S . Miller" <davem@davemloft.net>,
	Eric Dumazet <edumazet@google.com>,
	Jakub Kicinski <kuba@kernel.org>,
	Paolo Abeni <pabeni@redhat.com>,
	Simon Horman <horms@kernel.org>,
	Shuah Khan <shuah@kernel.org>,
	Nam Cao <namcao@linutronix.de>,
	Thomas Gleixner <tglx@linutronix.de>,
	Frederic Weisbecker <frederic@kernel.org>,
	Artem Chernyshev <artem.chernyshev@red-soft.ru>,
	Peter Seiderer <ps.report@gmx.net>
Subject: [PATCH net-next v3 00/10] Some pktgen fixes/improvments
Date: Mon,  3 Feb 2025 18:01:51 +0100
Message-ID: <20250203170201.1661703-1-ps.report@gmx.net>
X-Mailer: git-send-email 2.48.1
Precedence: bulk
X-Mailing-List: linux-kselftest@vger.kernel.org
List-Id: <linux-kselftest.vger.kernel.org>
List-Subscribe: <mailto:linux-kselftest+subscribe@vger.kernel.org>
List-Unsubscribe: <mailto:linux-kselftest+unsubscribe@vger.kernel.org>
MIME-Version: 1.0
X-Provags-ID: V03:K1:ljnXDHHJTj7ZOe2oeGv57U3iSYOHAPJuNZO/2noPrjP1GrvPfKW
 pzt89Uv3FUuasOhCBrMi1RLHyK/gYXH8yg6e2hc0Y6ebi5a2Xgfznpv8go+G9pvkodi7EzL
 uw0gTtV508cjPb5CKdQ+ea0VqAci6KrBs/UDqCpsqlUQj5G++IOof9I5UGZu2d2qew61qkm
 tx8m+qIMlfDPemgQ9jTxw==
X-Spam-Flag: NO
UI-OutboundReport: notjunk:1;M01:P0:lfhWLasaKag=;tEPiZR11S18Qh6uV/W26/cPlFF9
 TRbOIj0mXbIlwwdYB6FRrbewgTQ7flcoxk1rxG3bwaRIhFtnRG5x6xPLunvl88+XuMWYdjsNx
 EPTyGtQlot1pB2y1AfB3iNXKhHm2vHHbLZE/Lym+7GBQOXJ79jaPa5GVJ08Hby+5FYyRylLvz
 T2yS3NtN4tUkPI5D+FFV++auXhgzm1ocVOGZnWoE/TrUegbl6mC9yRceJne67ZouLOoi4q7kx
 ecPFff3ZwQc+FkChmx5ajbO3kC/g1zECsBdG70q3RLsMI5q/PHWctYPrHr2qTFLAUeCurLHy7
 3oIpI2oraCfz5pNHef40gXL7OxpORXuVjfrgBhFMo1RpM3k/JWj4IGqC55x1dgrLn6mn4lw4A
 d9FRP5gzQXw8Lyljsp0iYfcRy2DQOwbQRc7hvluMrGC2WKHB4QNY/9ZDQWE/8ytwlm+bi0Z2X
 GUJmoUgXOBYivE308XxC/c+VYywxYTdv6YcSuPWItJ3X6jAPR7g5eI+g65KT+2sSBik6vnEAJ
 J5UIXKlMiYzhbJ/cWTquSE7gf5M7SEIiGWb/yEmO19Q/szbqFJEBNm1p7c67x6UxEJGy4iZ5e
 C19PRrKIeoeIfmzPNq318/wvw8A/jRCtZk0Sn1s7vuSVg3p2QdqnK/R2fvv/3+vFuDS71BgRg
 AyKz0X1Ba46LVNl32cpRUQt+/XOxrt9t87dqSM2V50tcmK12RV0NzJpiuPZazytKwjxlXGLvx
 HVwW+VBt4vg0UNM2uD8KjYhE92YyqBgpfGVMNnGh/f7euvfIsowpiZ3tA40NQcrbNhYJHIrAY
 s3SPeVFHOAFl/NHVgMOrBUZZ+1vFZpcb2hscs0e1rs5VDMVWqylu+8SVstDN0gsM1PM3qY572
 hxOb+GJHZ5AXglOkY/V701pptU0KFUfHcAmsqhsIkORovUhf76752KvnVhjF7TPHBsGyEU/ZF
 XuOE+JRf2O6i+FLaHmOgQgici5YADzmOiCc8PW5C/tqK1WGmunuGRLdEhmpTeY+cZz4F1yQUP
 ns0FBNUYGvNQjjNzs08DxBcyeBiNfClQAE6gxx0yYblG5kRExOpyEKv96X46+NkkcoRZdW1rG
 Vx/i/H9TOWTt1/Ojs25cz6aLHP4RzU679ozLT0Wuzb4OU4gxO6M338mHvCQykkA5AG81CgmxP
 d9R7Wm447yb8JYrxlXxPHho4ZVtmfhg/TTm8q+GFyeOjYVP/5JOh0XQMCBbFZig0+oxpvK2c9
 W9KhGP6QbiNU3g5UXG07MuxyLcOhEXd3msRRjUdO2DfJsd/0tp/6QXFt77Ax+OguFaxWUB9/g
 UwkAeF3vBzjIY8UuyYYTXuiRehZjOam3X7o8ukrNg7jztI=

While taking a look at '[PATCH net] pktgen: Avoid out-of-range in
get_imix_entries' ([1]) and '[PATCH net v2] pktgen: Avoid out-of-bounds access
in get_imix_entries' ([2], [3]) and doing some tests and code review I
detected that the /proc/net/pktgen/... parsing logic does not honour the
user given buffer bounds (resulting in out-of-bounds access).

This can be observed e.g. by the following simple test (sometimes the
old/'longer' previous value is re-read from the buffer):

	$ echo add_device lo@0 > /proc/net/pktgen/kpktgend_0

	$ echo "min_pkt_size 12345" > /proc/net/pktgen/lo\@0 && grep min_pkt_size /proc/net/pktgen/lo\@0
Params: count 1000  min_pkt_size: 12345  max_pkt_size: 0
Result: OK: min_pkt_size=12345

	$ echo -n "min_pkt_size 123" > /proc/net/pktgen/lo\@0 && grep min_pkt_size /proc/net/pktgen/lo\@0
Params: count 1000  min_pkt_size: 12345  max_pkt_size: 0
Result: OK: min_pkt_size=12345

	$ echo "min_pkt_size 123" > /proc/net/pktgen/lo\@0 && grep min_pkt_size /proc/net/pktgen/lo\@0
Params: count 1000  min_pkt_size: 123  max_pkt_size: 0
Result: OK: min_pkt_size=123

So fix the out-of-bounds access (and some minor findings) and add a simple
proc_net_pktgen selftest...

Regards,
Peter

Changes v2 -> v3:
 - new patch: 'net: pktgen: fix ctrl interface command parsing'
 - new patch: 'net: pktgen: fix mpls reset parsing'
 - tools/testing/selftests/net/proc_net_pktgen.c:
   - fix typo in change description ('v1 -> v1' and tyop)
   - rename some vars to better match usage
     add_loopback_0 -> thr_cmd_add_loopback_0
     rm_loopback_0 -> thr_cmd_rm_loopback_0
     wrong_ctrl_cmd -> wrong_thr_cmd
     legacy_ctrl_cmd -> legacy_thr_cmd
     ctrl_fd -> thr_fd
   - add ctrl interface tests

Changes v1 -> v2:
 - new patch: 'net: pktgen: fix hex32_arg parsing for short reads'
 - new patch: 'net: pktgen: fix 'rate 0' error handling (return -EINVAL)'
 - new patch: 'net: pktgen: fix 'ratep 0' error handling (return -EINVAL)'
 - net/core/pktgen.c: additional fix get_imix_entries() and get_labels()
 - tools/testing/selftests/net/proc_net_pktgen.c:
   - fix tyop not vs. nod (suggested by Jakub Kicinski)
   - fix misaligned line (suggested by Jakub Kicinski)
   - enable fomerly commented out CONFIG_XFRM dependent test (command spi),
     as CONFIG_XFRM is enabled via tools/testing/selftests/net/config
     CONFIG_XFRM_INTERFACE/CONFIG_XFRM_USER (suggestex by Jakub Kicinski)
   - add CONFIG_NET_PKTGEN=m to tools/testing/selftests/net/config
     (suggested by Jakub Kicinski)
   - add modprobe pktgen to FIXTURE_SETUP() (suggested by Jakub Kicinski)
   - fix some checkpatch warnings (Missing a blank line after declarations)
   - shrink line length by re-naming some variables (command -> cmd,
     device -> dev)
   - add 'rate 0' testcase
   - add 'ratep 0' testcase

[1] https://lore.kernel.org/netdev/20241006221221.3744995-1-artem.chernyshev@red-soft.ru/
[2] https://lore.kernel.org/netdev/20250109083039.14004-1-pchelkin@ispras.ru/
[3] https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=76201b5979768500bca362871db66d77cb4c225e

Peter Seiderer (10):
  net: pktgen: replace ENOTSUPP with EOPNOTSUPP
  net: pktgen: enable 'param=value' parsing
  net: pktgen: fix hex32_arg parsing for short reads
  net: pktgen: fix 'rate 0' error handling (return -EINVAL)
  net: pktgen: fix 'ratep 0' error handling (return -EINVAL)
  net: pktgen: fix ctrl interface command parsing
  net: pktgen: fix access outside of user given buffer in
    pktgen_thread_write()
  net: pktgen: fix access outside of user given buffer in
    pktgen_if_write()
  net: pktgen: fix mpls reset parsing
  selftest: net: add proc_net_pktgen

 net/core/pktgen.c                             | 257 ++++---
 tools/testing/selftests/net/Makefile          |   1 +
 tools/testing/selftests/net/config            |   1 +
 tools/testing/selftests/net/proc_net_pktgen.c | 650 ++++++++++++++++++
 4 files changed, 819 insertions(+), 90 deletions(-)
 create mode 100644 tools/testing/selftests/net/proc_net_pktgen.c