| Message ID | 1632972800-45091-1-git-send-email-zhangchangzhong@huawei.com (mailing list archive) |
|---|---|
| State | Awaiting Upstream |
| Delegated to: | Netdev Maintainers |
| Headers | show |
| Series | [net] can: j1939: j1939_xtp_rx_dat_one(): cancel session if receive TP.DT with error length | expand |
| Context | Check | Description |
|---|---|---|
| netdev/cover_letter | success | Link |
| netdev/fixes_present | success | Link |
| netdev/patch_count | success | Link |
| netdev/tree_selection | success | Clearly marked for net |
| netdev/subject_prefix | success | Link |
| netdev/cc_maintainers | fail | 1 blamed authors not CCed: lkp@intel.com; 1 maintainers not CCed: lkp@intel.com |
| netdev/source_inline | success | Was 0 now: 0 |
| netdev/verify_signedoff | success | Link |
| netdev/module_param | success | Was 0 now: 0 |
| netdev/build_32bit | success | Errors and warnings before: 0 this patch: 0 |
| netdev/kdoc | success | Errors and warnings before: 0 this patch: 0 |
| netdev/verify_fixes | success | Link |
| netdev/checkpatch | success | total: 0 errors, 0 warnings, 0 checks, 27 lines checked |
| netdev/build_allmodconfig_warn | success | Errors and warnings before: 0 this patch: 0 |
| netdev/header_inline | success | Link |
On Thu, 30 Sep 2021 11:33:20 +0800, Zhang Changzhong wrote: > According to SAE-J1939-21, the data length of TP.DT must be 8 bytes, so > cancel session when receive unexpected TP.DT message. SAE-j1939-21 indeed says that all TP.DT must be 8 bytes. However, the last TP.DT may contain up to 6 stuff bytes, which have no meaning. If I remember well, they are even not 'reserved'. > > Fixes: 9d71dd0c7009 ("can: add support of SAE J1939 protocol") > Signed-off-by: Zhang Changzhong <zhangchangzhong@huawei.com> > --- > net/can/j1939/transport.c | 7 +++++-- > 1 file changed, 5 insertions(+), 2 deletions(-) > > diff --git a/net/can/j1939/transport.c b/net/can/j1939/transport.c > index bb5c4b8..eedaeaf 100644 > --- a/net/can/j1939/transport.c > +++ b/net/can/j1939/transport.c > @@ -1789,6 +1789,7 @@ static void j1939_xtp_rx_dpo(struct j1939_priv *priv, struct sk_buff *skb, > static void j1939_xtp_rx_dat_one(struct j1939_session *session, > struct sk_buff *skb) > { > + enum j1939_xtp_abort abort = J1939_XTP_ABORT_FAULT; > struct j1939_priv *priv = session->priv; > struct j1939_sk_buff_cb *skcb, *se_skcb; > struct sk_buff *se_skb = NULL; > @@ -1803,9 +1804,11 @@ static void j1939_xtp_rx_dat_one(struct j1939_session *session, > > skcb = j1939_skb_to_cb(skb); > dat = skb->data; > - if (skb->len <= 1) > + if (skb->len != 8) { > /* makes no sense */ > + abort = J1939_XTP_ABORT_UNEXPECTED_DATA; > goto out_session_cancel; I think this is a situation of "be strict on what you send, be tolerant on what you receive". Did you find a technical reason to abort a session because the last frame didn't bring overhead that you don't use? Kind regards, Kurt > + } > > switch (session->last_cmd) { > case 0xff: > @@ -1904,7 +1907,7 @@ static void j1939_xtp_rx_dat_one(struct j1939_session *session, > out_session_cancel: > kfree_skb(se_skb); > j1939_session_timers_cancel(session); > - j1939_session_cancel(session, J1939_XTP_ABORT_FAULT); > + j1939_session_cancel(session, abort); > j1939_session_put(session); > } > > -- > 2.9.5 >
Hi Kurt, Sorry for the late reply. On 2021/9/30 15:42, Kurt Van Dijck wrote: > On Thu, 30 Sep 2021 11:33:20 +0800, Zhang Changzhong wrote: >> According to SAE-J1939-21, the data length of TP.DT must be 8 bytes, so >> cancel session when receive unexpected TP.DT message. > > SAE-j1939-21 indeed says that all TP.DT must be 8 bytes. > However, the last TP.DT may contain up to 6 stuff bytes, which have no meaning. > If I remember well, they are even not 'reserved'. Agree, these bytes are meaningless for last TP.DT. > >> >> Fixes: 9d71dd0c7009 ("can: add support of SAE J1939 protocol") >> Signed-off-by: Zhang Changzhong <zhangchangzhong@huawei.com> >> --- >> net/can/j1939/transport.c | 7 +++++-- >> 1 file changed, 5 insertions(+), 2 deletions(-) >> >> diff --git a/net/can/j1939/transport.c b/net/can/j1939/transport.c >> index bb5c4b8..eedaeaf 100644 >> --- a/net/can/j1939/transport.c >> +++ b/net/can/j1939/transport.c >> @@ -1789,6 +1789,7 @@ static void j1939_xtp_rx_dpo(struct j1939_priv *priv, struct sk_buff *skb, >> static void j1939_xtp_rx_dat_one(struct j1939_session *session, >> struct sk_buff *skb) >> { >> + enum j1939_xtp_abort abort = J1939_XTP_ABORT_FAULT; >> struct j1939_priv *priv = session->priv; >> struct j1939_sk_buff_cb *skcb, *se_skcb; >> struct sk_buff *se_skb = NULL; >> @@ -1803,9 +1804,11 @@ static void j1939_xtp_rx_dat_one(struct j1939_session *session, >> >> skcb = j1939_skb_to_cb(skb); >> dat = skb->data; >> - if (skb->len <= 1) >> + if (skb->len != 8) { >> /* makes no sense */ >> + abort = J1939_XTP_ABORT_UNEXPECTED_DATA; >> goto out_session_cancel; > > I think this is a situation of > "be strict on what you send, be tolerant on what you receive". > > Did you find a technical reason to abort a session because the last frame didn't > bring overhead that you don't use? No technical reason. The only reason is that SAE-J1939-82 requires responder to abort session if any TP.DT less than 8 bytes (section A.3.4, Row 7). Best regards, Changzhong > > Kind regards, > Kurt >> + } >> >> switch (session->last_cmd) { >> case 0xff: >> @@ -1904,7 +1907,7 @@ static void j1939_xtp_rx_dat_one(struct j1939_session *session, >> out_session_cancel: >> kfree_skb(se_skb); >> j1939_session_timers_cancel(session); >> - j1939_session_cancel(session, J1939_XTP_ABORT_FAULT); >> + j1939_session_cancel(session, abort); >> j1939_session_put(session); >> } >> >> -- >> 2.9.5 >> > . >
On Fri, Oct 08, 2021 at 05:22:12PM +0800, Zhang Changzhong wrote: > Hi Kurt, > Sorry for the late reply. > > On 2021/9/30 15:42, Kurt Van Dijck wrote: > > On Thu, 30 Sep 2021 11:33:20 +0800, Zhang Changzhong wrote: > >> According to SAE-J1939-21, the data length of TP.DT must be 8 bytes, so > >> cancel session when receive unexpected TP.DT message. > > > > SAE-j1939-21 indeed says that all TP.DT must be 8 bytes. > > However, the last TP.DT may contain up to 6 stuff bytes, which have no meaning. > > If I remember well, they are even not 'reserved'. > > Agree, these bytes are meaningless for last TP.DT. > > > > >> > >> Fixes: 9d71dd0c7009 ("can: add support of SAE J1939 protocol") > >> Signed-off-by: Zhang Changzhong <zhangchangzhong@huawei.com> > >> --- > >> net/can/j1939/transport.c | 7 +++++-- > >> 1 file changed, 5 insertions(+), 2 deletions(-) > >> > >> diff --git a/net/can/j1939/transport.c b/net/can/j1939/transport.c > >> index bb5c4b8..eedaeaf 100644 > >> --- a/net/can/j1939/transport.c > >> +++ b/net/can/j1939/transport.c > >> @@ -1789,6 +1789,7 @@ static void j1939_xtp_rx_dpo(struct j1939_priv *priv, struct sk_buff *skb, > >> static void j1939_xtp_rx_dat_one(struct j1939_session *session, > >> struct sk_buff *skb) > >> { > >> + enum j1939_xtp_abort abort = J1939_XTP_ABORT_FAULT; > >> struct j1939_priv *priv = session->priv; > >> struct j1939_sk_buff_cb *skcb, *se_skcb; > >> struct sk_buff *se_skb = NULL; > >> @@ -1803,9 +1804,11 @@ static void j1939_xtp_rx_dat_one(struct j1939_session *session, > >> > >> skcb = j1939_skb_to_cb(skb); > >> dat = skb->data; > >> - if (skb->len <= 1) > >> + if (skb->len != 8) { > >> /* makes no sense */ > >> + abort = J1939_XTP_ABORT_UNEXPECTED_DATA; > >> goto out_session_cancel; > > > > I think this is a situation of > > "be strict on what you send, be tolerant on what you receive". > > > > Did you find a technical reason to abort a session because the last frame didn't > > bring overhead that you don't use? > > No technical reason. The only reason is that SAE-J1939-82 requires responder > to abort session if any TP.DT less than 8 bytes (section A.3.4, Row 7). Do you mean: "BAM Transport: Ensure DUT discards BAM transport when TP.DT data packets are not correct size" ... "Verify DUT discards the BAM transport if any TP.DT data packet has less than 8 bytes"? Regards, Oleksij
On Fri, 08 Oct 2021 13:00:07 +0200, Oleksij Rempel wrote: > On Fri, Oct 08, 2021 at 05:22:12PM +0800, Zhang Changzhong wrote: > > Hi Kurt, > > Sorry for the late reply. > > > > On 2021/9/30 15:42, Kurt Van Dijck wrote: > > > On Thu, 30 Sep 2021 11:33:20 +0800, Zhang Changzhong wrote: > > >> According to SAE-J1939-21, the data length of TP.DT must be 8 bytes, so > > >> cancel session when receive unexpected TP.DT message. > > > > > > SAE-j1939-21 indeed says that all TP.DT must be 8 bytes. > > > However, the last TP.DT may contain up to 6 stuff bytes, which have no meaning. > > > If I remember well, they are even not 'reserved'. > > > > Agree, these bytes are meaningless for last TP.DT. > > > > > > > >> > > >> Fixes: 9d71dd0c7009 ("can: add support of SAE J1939 protocol") > > >> Signed-off-by: Zhang Changzhong <zhangchangzhong@huawei.com> > > >> --- > > >> net/can/j1939/transport.c | 7 +++++-- > > >> 1 file changed, 5 insertions(+), 2 deletions(-) > > >> > > >> diff --git a/net/can/j1939/transport.c b/net/can/j1939/transport.c > > >> index bb5c4b8..eedaeaf 100644 > > >> --- a/net/can/j1939/transport.c > > >> +++ b/net/can/j1939/transport.c > > >> @@ -1789,6 +1789,7 @@ static void j1939_xtp_rx_dpo(struct j1939_priv *priv, struct sk_buff *skb, > > >> static void j1939_xtp_rx_dat_one(struct j1939_session *session, > > >> struct sk_buff *skb) > > >> { > > >> + enum j1939_xtp_abort abort = J1939_XTP_ABORT_FAULT; > > >> struct j1939_priv *priv = session->priv; > > >> struct j1939_sk_buff_cb *skcb, *se_skcb; > > >> struct sk_buff *se_skb = NULL; > > >> @@ -1803,9 +1804,11 @@ static void j1939_xtp_rx_dat_one(struct j1939_session *session, > > >> > > >> skcb = j1939_skb_to_cb(skb); > > >> dat = skb->data; > > >> - if (skb->len <= 1) > > >> + if (skb->len != 8) { > > >> /* makes no sense */ > > >> + abort = J1939_XTP_ABORT_UNEXPECTED_DATA; > > >> goto out_session_cancel; > > > > > > I think this is a situation of > > > "be strict on what you send, be tolerant on what you receive". > > > > > > Did you find a technical reason to abort a session because the last frame didn't > > > bring overhead that you don't use? > > > > No technical reason. The only reason is that SAE-J1939-82 requires responder > > to abort session if any TP.DT less than 8 bytes (section A.3.4, Row 7). IMHO, this is some kind of laziness to make the exception for the last TP.DT. I attended an ISOBUS certification (back in 2013) where the transmitting node effectively stripped the trailing bytes, and this 'deviation' was not even noticed. This change applies to the receiving side. Would a sender that leaves the trailing bytes want you to discard the session bacause of this? So the spirit of the SAE-J1939-82 is, in this case, different from the strict literal interpretation. > > Do you mean: "BAM Transport: Ensure DUT discards BAM transport when > TP.DT data packets are not correct size" ... "Verify DUT discards the > BAM transport if any TP.DT data packet has less than 8 bytes"? Kind regards, Kurt
On 2021/10/8 19:00, Oleksij Rempel wrote: > On Fri, Oct 08, 2021 at 05:22:12PM +0800, Zhang Changzhong wrote: >> Hi Kurt, >> Sorry for the late reply. >> >> On 2021/9/30 15:42, Kurt Van Dijck wrote: >>> On Thu, 30 Sep 2021 11:33:20 +0800, Zhang Changzhong wrote: >>>> According to SAE-J1939-21, the data length of TP.DT must be 8 bytes, so >>>> cancel session when receive unexpected TP.DT message. >>> >>> SAE-j1939-21 indeed says that all TP.DT must be 8 bytes. >>> However, the last TP.DT may contain up to 6 stuff bytes, which have no meaning. >>> If I remember well, they are even not 'reserved'. >> >> Agree, these bytes are meaningless for last TP.DT. >> >>> >>>> >>>> Fixes: 9d71dd0c7009 ("can: add support of SAE J1939 protocol") >>>> Signed-off-by: Zhang Changzhong <zhangchangzhong@huawei.com> >>>> --- >>>> net/can/j1939/transport.c | 7 +++++-- >>>> 1 file changed, 5 insertions(+), 2 deletions(-) >>>> >>>> diff --git a/net/can/j1939/transport.c b/net/can/j1939/transport.c >>>> index bb5c4b8..eedaeaf 100644 >>>> --- a/net/can/j1939/transport.c >>>> +++ b/net/can/j1939/transport.c >>>> @@ -1789,6 +1789,7 @@ static void j1939_xtp_rx_dpo(struct j1939_priv *priv, struct sk_buff *skb, >>>> static void j1939_xtp_rx_dat_one(struct j1939_session *session, >>>> struct sk_buff *skb) >>>> { >>>> + enum j1939_xtp_abort abort = J1939_XTP_ABORT_FAULT; >>>> struct j1939_priv *priv = session->priv; >>>> struct j1939_sk_buff_cb *skcb, *se_skcb; >>>> struct sk_buff *se_skb = NULL; >>>> @@ -1803,9 +1804,11 @@ static void j1939_xtp_rx_dat_one(struct j1939_session *session, >>>> >>>> skcb = j1939_skb_to_cb(skb); >>>> dat = skb->data; >>>> - if (skb->len <= 1) >>>> + if (skb->len != 8) { >>>> /* makes no sense */ >>>> + abort = J1939_XTP_ABORT_UNEXPECTED_DATA; >>>> goto out_session_cancel; >>> >>> I think this is a situation of >>> "be strict on what you send, be tolerant on what you receive". >>> >>> Did you find a technical reason to abort a session because the last frame didn't >>> bring overhead that you don't use? >> >> No technical reason. The only reason is that SAE-J1939-82 requires responder >> to abort session if any TP.DT less than 8 bytes (section A.3.4, Row 7). > > Do you mean: "BAM Transport: Ensure DUT discards BAM transport when > TP.DT data packets are not correct size" ... "Verify DUT discards the > BAM transport if any TP.DT data packet has less than 8 bytes"? Yes. Regards, Changzhong > > Regards, > Oleksij >
On 2021/10/9 1:09, Kurt Van Dijck wrote: > On Fri, 08 Oct 2021 13:00:07 +0200, Oleksij Rempel wrote: >> On Fri, Oct 08, 2021 at 05:22:12PM +0800, Zhang Changzhong wrote: >>> Hi Kurt, >>> Sorry for the late reply. >>> >>> On 2021/9/30 15:42, Kurt Van Dijck wrote: >>>> On Thu, 30 Sep 2021 11:33:20 +0800, Zhang Changzhong wrote: >>>>> According to SAE-J1939-21, the data length of TP.DT must be 8 bytes, so >>>>> cancel session when receive unexpected TP.DT message. >>>> >>>> SAE-j1939-21 indeed says that all TP.DT must be 8 bytes. >>>> However, the last TP.DT may contain up to 6 stuff bytes, which have no meaning. >>>> If I remember well, they are even not 'reserved'. >>> >>> Agree, these bytes are meaningless for last TP.DT. >>> >>>> >>>>> >>>>> Fixes: 9d71dd0c7009 ("can: add support of SAE J1939 protocol") >>>>> Signed-off-by: Zhang Changzhong <zhangchangzhong@huawei.com> >>>>> --- >>>>> net/can/j1939/transport.c | 7 +++++-- >>>>> 1 file changed, 5 insertions(+), 2 deletions(-) >>>>> >>>>> diff --git a/net/can/j1939/transport.c b/net/can/j1939/transport.c >>>>> index bb5c4b8..eedaeaf 100644 >>>>> --- a/net/can/j1939/transport.c >>>>> +++ b/net/can/j1939/transport.c >>>>> @@ -1789,6 +1789,7 @@ static void j1939_xtp_rx_dpo(struct j1939_priv *priv, struct sk_buff *skb, >>>>> static void j1939_xtp_rx_dat_one(struct j1939_session *session, >>>>> struct sk_buff *skb) >>>>> { >>>>> + enum j1939_xtp_abort abort = J1939_XTP_ABORT_FAULT; >>>>> struct j1939_priv *priv = session->priv; >>>>> struct j1939_sk_buff_cb *skcb, *se_skcb; >>>>> struct sk_buff *se_skb = NULL; >>>>> @@ -1803,9 +1804,11 @@ static void j1939_xtp_rx_dat_one(struct j1939_session *session, >>>>> >>>>> skcb = j1939_skb_to_cb(skb); >>>>> dat = skb->data; >>>>> - if (skb->len <= 1) >>>>> + if (skb->len != 8) { >>>>> /* makes no sense */ >>>>> + abort = J1939_XTP_ABORT_UNEXPECTED_DATA; >>>>> goto out_session_cancel; >>>> >>>> I think this is a situation of >>>> "be strict on what you send, be tolerant on what you receive". >>>> >>>> Did you find a technical reason to abort a session because the last frame didn't >>>> bring overhead that you don't use? >>> >>> No technical reason. The only reason is that SAE-J1939-82 requires responder >>> to abort session if any TP.DT less than 8 bytes (section A.3.4, Row 7). > > IMHO, this is some kind of laziness to make the exception for the last TP.DT. > > I attended an ISOBUS certification (back in 2013) where the transmitting > node effectively stripped the trailing bytes, and this 'deviation' was > not even noticed. I found that SAE-J1939-82 contains the following test: "BAM Transport: Ensure extra (unused) bytes of last Data Transfer data packet is/are filled-in correctly. (DUT as Originator)" ... "Verify last TP.DT data packet for a BAM transport is sent with an 8 byte data field and the unused bytes of this packet are filled with FF" (section A.3.3, Row 8). So the J1939 compliance test can detect this kind of 'deviation', perhaps ISOBUS certification does not do this check? > > This change applies to the receiving side. Would a sender that > leaves the trailing bytes want you to discard the session bacause of this? > So the spirit of the SAE-J1939-82 is, in this case, different from > the strict literal interpretation. Such packets should not be sent if the sender complies with SAE-J1939-82, but if the transmitting node you mentioned above exist on the network, this patch will casue their sessions to be aborted. From this point of view, I think it is reasonable to drop this patch. Regards, Changzhong > >> >> Do you mean: "BAM Transport: Ensure DUT discards BAM transport when >> TP.DT data packets are not correct size" ... "Verify DUT discards the >> BAM transport if any TP.DT data packet has less than 8 bytes"? > > Kind regards, > Kurt > . >
On Sat, Oct 09, 2021 at 04:43:56PM +0800, Zhang Changzhong wrote: > On 2021/10/8 19:00, Oleksij Rempel wrote: > > On Fri, Oct 08, 2021 at 05:22:12PM +0800, Zhang Changzhong wrote: > >> Hi Kurt, > >> Sorry for the late reply. > >> > >> On 2021/9/30 15:42, Kurt Van Dijck wrote: > >>> On Thu, 30 Sep 2021 11:33:20 +0800, Zhang Changzhong wrote: > >>>> According to SAE-J1939-21, the data length of TP.DT must be 8 bytes, so > >>>> cancel session when receive unexpected TP.DT message. > >>> > >>> SAE-j1939-21 indeed says that all TP.DT must be 8 bytes. > >>> However, the last TP.DT may contain up to 6 stuff bytes, which have no meaning. > >>> If I remember well, they are even not 'reserved'. > >> > >> Agree, these bytes are meaningless for last TP.DT. > >> > >>> > >>>> > >>>> Fixes: 9d71dd0c7009 ("can: add support of SAE J1939 protocol") > >>>> Signed-off-by: Zhang Changzhong <zhangchangzhong@huawei.com> > >>>> --- > >>>> net/can/j1939/transport.c | 7 +++++-- > >>>> 1 file changed, 5 insertions(+), 2 deletions(-) > >>>> > >>>> diff --git a/net/can/j1939/transport.c b/net/can/j1939/transport.c > >>>> index bb5c4b8..eedaeaf 100644 > >>>> --- a/net/can/j1939/transport.c > >>>> +++ b/net/can/j1939/transport.c > >>>> @@ -1789,6 +1789,7 @@ static void j1939_xtp_rx_dpo(struct j1939_priv *priv, struct sk_buff *skb, > >>>> static void j1939_xtp_rx_dat_one(struct j1939_session *session, > >>>> struct sk_buff *skb) > >>>> { > >>>> + enum j1939_xtp_abort abort = J1939_XTP_ABORT_FAULT; > >>>> struct j1939_priv *priv = session->priv; > >>>> struct j1939_sk_buff_cb *skcb, *se_skcb; > >>>> struct sk_buff *se_skb = NULL; > >>>> @@ -1803,9 +1804,11 @@ static void j1939_xtp_rx_dat_one(struct j1939_session *session, > >>>> > >>>> skcb = j1939_skb_to_cb(skb); > >>>> dat = skb->data; > >>>> - if (skb->len <= 1) > >>>> + if (skb->len != 8) { > >>>> /* makes no sense */ > >>>> + abort = J1939_XTP_ABORT_UNEXPECTED_DATA; > >>>> goto out_session_cancel; > >>> > >>> I think this is a situation of > >>> "be strict on what you send, be tolerant on what you receive". > >>> > >>> Did you find a technical reason to abort a session because the last frame didn't > >>> bring overhead that you don't use? > >> > >> No technical reason. The only reason is that SAE-J1939-82 requires responder > >> to abort session if any TP.DT less than 8 bytes (section A.3.4, Row 7). > > > > Do you mean: "BAM Transport: Ensure DUT discards BAM transport when > > TP.DT data packets are not correct size" ... "Verify DUT discards the > > BAM transport if any TP.DT data packet has less than 8 bytes"? > > Yes. OK, then I have some problems to understand this part: - 5.10.2.4 Connection Closure The “connection abort” message is not allowed to be used by responders in the case of a global destination (i.e. BAM). My assumption would be: In case of broadcast transfer, multiple MCU are receivers. If one of MCU was not able to get complete TP.DT, it should not abort BAM for all. So, "DUT discards the BAM transport" sounds for me as local action. Complete TP would be dropped locally. Regards Oleksij
On Mon, 11 Oct 2021 08:35:07 +0200, Oleksij Rempel wrote: > On Sat, Oct 09, 2021 at 04:43:56PM +0800, Zhang Changzhong wrote: > > On 2021/10/8 19:00, Oleksij Rempel wrote: > > > On Fri, Oct 08, 2021 at 05:22:12PM +0800, Zhang Changzhong wrote: > > >> Hi Kurt, > > >> Sorry for the late reply. > > >> > > >> On 2021/9/30 15:42, Kurt Van Dijck wrote: > > >>> On Thu, 30 Sep 2021 11:33:20 +0800, Zhang Changzhong wrote: > > >>>> According to SAE-J1939-21, the data length of TP.DT must be 8 bytes, so > > >>>> cancel session when receive unexpected TP.DT message. > > >>> > > >>> SAE-j1939-21 indeed says that all TP.DT must be 8 bytes. > > >>> However, the last TP.DT may contain up to 6 stuff bytes, which have no meaning. > > >>> If I remember well, they are even not 'reserved'. > > >> > > >> Agree, these bytes are meaningless for last TP.DT. > > >> > > >>> > > >>>> [...] > > >>> > > >>> I think this is a situation of > > >>> "be strict on what you send, be tolerant on what you receive". > > >>> > > >>> Did you find a technical reason to abort a session because the last frame didn't > > >>> bring overhead that you don't use? > > >> > > >> No technical reason. The only reason is that SAE-J1939-82 requires responder > > >> to abort session if any TP.DT less than 8 bytes (section A.3.4, Row 7). > > > > > > Do you mean: "BAM Transport: Ensure DUT discards BAM transport when > > > TP.DT data packets are not correct size" ... "Verify DUT discards the > > > BAM transport if any TP.DT data packet has less than 8 bytes"? > > > > Yes. > > OK, then I have some problems to understand this part: > - 5.10.2.4 Connection Closure > The “connection abort” message is not allowed to be used by responders in the > case of a global destination (i.e. BAM). > > My assumption would be: In case of broadcast transfer, multiple MCU are > receivers. If one of MCU was not able to get complete TP.DT, it should > not abort BAM for all. There is indeed no action defined to abort at BAM. > > So, "DUT discards the BAM transport" sounds for me as local action. > Complete TP would be dropped locally. exact. Kurt
On 2021/10/11 14:35, Oleksij Rempel wrote: > On Sat, Oct 09, 2021 at 04:43:56PM +0800, Zhang Changzhong wrote: >> On 2021/10/8 19:00, Oleksij Rempel wrote: >>> On Fri, Oct 08, 2021 at 05:22:12PM +0800, Zhang Changzhong wrote: >>>> Hi Kurt, >>>> Sorry for the late reply. >>>> >>>> On 2021/9/30 15:42, Kurt Van Dijck wrote: >>>>> On Thu, 30 Sep 2021 11:33:20 +0800, Zhang Changzhong wrote: >>>>>> According to SAE-J1939-21, the data length of TP.DT must be 8 bytes, so >>>>>> cancel session when receive unexpected TP.DT message. >>>>> >>>>> SAE-j1939-21 indeed says that all TP.DT must be 8 bytes. >>>>> However, the last TP.DT may contain up to 6 stuff bytes, which have no meaning. >>>>> If I remember well, they are even not 'reserved'. >>>> >>>> Agree, these bytes are meaningless for last TP.DT. >>>> >>>>> >>>>>> >>>>>> Fixes: 9d71dd0c7009 ("can: add support of SAE J1939 protocol") >>>>>> Signed-off-by: Zhang Changzhong <zhangchangzhong@huawei.com> >>>>>> --- >>>>>> net/can/j1939/transport.c | 7 +++++-- >>>>>> 1 file changed, 5 insertions(+), 2 deletions(-) >>>>>> >>>>>> diff --git a/net/can/j1939/transport.c b/net/can/j1939/transport.c >>>>>> index bb5c4b8..eedaeaf 100644 >>>>>> --- a/net/can/j1939/transport.c >>>>>> +++ b/net/can/j1939/transport.c >>>>>> @@ -1789,6 +1789,7 @@ static void j1939_xtp_rx_dpo(struct j1939_priv *priv, struct sk_buff *skb, >>>>>> static void j1939_xtp_rx_dat_one(struct j1939_session *session, >>>>>> struct sk_buff *skb) >>>>>> { >>>>>> + enum j1939_xtp_abort abort = J1939_XTP_ABORT_FAULT; >>>>>> struct j1939_priv *priv = session->priv; >>>>>> struct j1939_sk_buff_cb *skcb, *se_skcb; >>>>>> struct sk_buff *se_skb = NULL; >>>>>> @@ -1803,9 +1804,11 @@ static void j1939_xtp_rx_dat_one(struct j1939_session *session, >>>>>> >>>>>> skcb = j1939_skb_to_cb(skb); >>>>>> dat = skb->data; >>>>>> - if (skb->len <= 1) >>>>>> + if (skb->len != 8) { >>>>>> /* makes no sense */ >>>>>> + abort = J1939_XTP_ABORT_UNEXPECTED_DATA; >>>>>> goto out_session_cancel; >>>>> >>>>> I think this is a situation of >>>>> "be strict on what you send, be tolerant on what you receive". >>>>> >>>>> Did you find a technical reason to abort a session because the last frame didn't >>>>> bring overhead that you don't use? >>>> >>>> No technical reason. The only reason is that SAE-J1939-82 requires responder >>>> to abort session if any TP.DT less than 8 bytes (section A.3.4, Row 7). >>> >>> Do you mean: "BAM Transport: Ensure DUT discards BAM transport when >>> TP.DT data packets are not correct size" ... "Verify DUT discards the >>> BAM transport if any TP.DT data packet has less than 8 bytes"? >> >> Yes. > > OK, then I have some problems to understand this part: > - 5.10.2.4 Connection Closure > The “connection abort” message is not allowed to be used by responders in the > case of a global destination (i.e. BAM). > > My assumption would be: In case of broadcast transfer, multiple MCU are > receivers. If one of MCU was not able to get complete TP.DT, it should > not abort BAM for all. > > So, "DUT discards the BAM transport" sounds for me as local action. > Complete TP would be dropped locally. Yeah, you are right. With this patch receivers drop BAM transport locally because j1939_session_cancel() only send abort message in RTS/CTS transport. For RTS/CTS transport, SAE-J1939-82 also has similar requirements: "RTS/CTS Transport: Data field size of Transport Data packets for RTS/CTS (DUT as Responder)"..."Verify DUT behavior, e.g., sends a TP.CM_CTS to have packets resent or sends a TP.Conn_Abort, when it receives TP.DT data packets with less than 8 bytes" (section A.3.6, Row 18) Regards, Changzhong .
On Mon, Oct 11, 2021 at 06:40:15PM +0800, Zhang Changzhong wrote: > On 2021/10/11 14:35, Oleksij Rempel wrote: > > On Sat, Oct 09, 2021 at 04:43:56PM +0800, Zhang Changzhong wrote: > >> On 2021/10/8 19:00, Oleksij Rempel wrote: > >>> On Fri, Oct 08, 2021 at 05:22:12PM +0800, Zhang Changzhong wrote: > >>>> Hi Kurt, > >>>> Sorry for the late reply. > >>>> > >>>> On 2021/9/30 15:42, Kurt Van Dijck wrote: > >>>>> On Thu, 30 Sep 2021 11:33:20 +0800, Zhang Changzhong wrote: > >>>>>> According to SAE-J1939-21, the data length of TP.DT must be 8 bytes, so > >>>>>> cancel session when receive unexpected TP.DT message. > >>>>> > >>>>> SAE-j1939-21 indeed says that all TP.DT must be 8 bytes. > >>>>> However, the last TP.DT may contain up to 6 stuff bytes, which have no meaning. > >>>>> If I remember well, they are even not 'reserved'. > >>>> > >>>> Agree, these bytes are meaningless for last TP.DT. > >>>> > >>>>> > >>>>>> > >>>>>> Fixes: 9d71dd0c7009 ("can: add support of SAE J1939 protocol") > >>>>>> Signed-off-by: Zhang Changzhong <zhangchangzhong@huawei.com> > >>>>>> --- > >>>>>> net/can/j1939/transport.c | 7 +++++-- > >>>>>> 1 file changed, 5 insertions(+), 2 deletions(-) > >>>>>> > >>>>>> diff --git a/net/can/j1939/transport.c b/net/can/j1939/transport.c > >>>>>> index bb5c4b8..eedaeaf 100644 > >>>>>> --- a/net/can/j1939/transport.c > >>>>>> +++ b/net/can/j1939/transport.c > >>>>>> @@ -1789,6 +1789,7 @@ static void j1939_xtp_rx_dpo(struct j1939_priv *priv, struct sk_buff *skb, > >>>>>> static void j1939_xtp_rx_dat_one(struct j1939_session *session, > >>>>>> struct sk_buff *skb) > >>>>>> { > >>>>>> + enum j1939_xtp_abort abort = J1939_XTP_ABORT_FAULT; > >>>>>> struct j1939_priv *priv = session->priv; > >>>>>> struct j1939_sk_buff_cb *skcb, *se_skcb; > >>>>>> struct sk_buff *se_skb = NULL; > >>>>>> @@ -1803,9 +1804,11 @@ static void j1939_xtp_rx_dat_one(struct j1939_session *session, > >>>>>> > >>>>>> skcb = j1939_skb_to_cb(skb); > >>>>>> dat = skb->data; > >>>>>> - if (skb->len <= 1) > >>>>>> + if (skb->len != 8) { > >>>>>> /* makes no sense */ > >>>>>> + abort = J1939_XTP_ABORT_UNEXPECTED_DATA; > >>>>>> goto out_session_cancel; > >>>>> > >>>>> I think this is a situation of > >>>>> "be strict on what you send, be tolerant on what you receive". > >>>>> > >>>>> Did you find a technical reason to abort a session because the last frame didn't > >>>>> bring overhead that you don't use? > >>>> > >>>> No technical reason. The only reason is that SAE-J1939-82 requires responder > >>>> to abort session if any TP.DT less than 8 bytes (section A.3.4, Row 7). > >>> > >>> Do you mean: "BAM Transport: Ensure DUT discards BAM transport when > >>> TP.DT data packets are not correct size" ... "Verify DUT discards the > >>> BAM transport if any TP.DT data packet has less than 8 bytes"? > >> > >> Yes. > > > > OK, then I have some problems to understand this part: > > - 5.10.2.4 Connection Closure > > The “connection abort” message is not allowed to be used by responders in the > > case of a global destination (i.e. BAM). > > > > My assumption would be: In case of broadcast transfer, multiple MCU are > > receivers. If one of MCU was not able to get complete TP.DT, it should > > not abort BAM for all. > > > > So, "DUT discards the BAM transport" sounds for me as local action. > > Complete TP would be dropped locally. > > Yeah, you are right. With this patch receivers drop BAM transport locally > because j1939_session_cancel() only send abort message in RTS/CTS transport. > > For RTS/CTS transport, SAE-J1939-82 also has similar requirements: > "RTS/CTS Transport: Data field size of Transport Data packets for RTS/CTS > (DUT as Responder)"..."Verify DUT behavior, e.g., sends a TP.CM_CTS to have > packets resent or sends a TP.Conn_Abort, when it receives TP.DT data packets > with less than 8 bytes" (section A.3.6, Row 18) You are right. Sounds plausible. If we find some device in the field which will need a workaround to support less than 8byte, then we will need to add some UAPI to configure it. By default we should follow the spec. @Kurt, do you have anything against it? Regards, Oleksij
On Tue, 12 Oct 2021 12:21:31 +0200, Oleksij Rempel wrote: > On Mon, Oct 11, 2021 at 06:40:15PM +0800, Zhang Changzhong wrote: > > On 2021/10/11 14:35, Oleksij Rempel wrote: > > > On Sat, Oct 09, 2021 at 04:43:56PM +0800, Zhang Changzhong wrote: > > >> On 2021/10/8 19:00, Oleksij Rempel wrote: > > >>> On Fri, Oct 08, 2021 at 05:22:12PM +0800, Zhang Changzhong wrote: > > >>>> Hi Kurt, > > >>>> Sorry for the late reply. > > >>>> > > >>>> On 2021/9/30 15:42, Kurt Van Dijck wrote: > > >>>>> On Thu, 30 Sep 2021 11:33:20 +0800, Zhang Changzhong wrote: > > >>>>>> According to SAE-J1939-21, the data length of TP.DT must be 8 bytes, so > > >>>>>> cancel session when receive unexpected TP.DT message. > > >>>>> > > >>>>> SAE-j1939-21 indeed says that all TP.DT must be 8 bytes. > > >>>>> However, the last TP.DT may contain up to 6 stuff bytes, which have no meaning. > > >>>>> If I remember well, they are even not 'reserved'. > > >>>> > > >>>> Agree, these bytes are meaningless for last TP.DT. > > >>>> > > >>>>> > > >>>>>> > > >>>>>> Fixes: 9d71dd0c7009 ("can: add support of SAE J1939 protocol") > > >>>>>> Signed-off-by: Zhang Changzhong <zhangchangzhong@huawei.com> > > >>>>>> --- > > >>>>>> net/can/j1939/transport.c | 7 +++++-- > > >>>>>> 1 file changed, 5 insertions(+), 2 deletions(-) > > >>>>>> > > >>>>>> diff --git a/net/can/j1939/transport.c b/net/can/j1939/transport.c > > >>>>>> index bb5c4b8..eedaeaf 100644 > > >>>>>> --- a/net/can/j1939/transport.c > > >>>>>> +++ b/net/can/j1939/transport.c > > >>>>>> @@ -1789,6 +1789,7 @@ static void j1939_xtp_rx_dpo(struct j1939_priv *priv, struct sk_buff *skb, > > >>>>>> static void j1939_xtp_rx_dat_one(struct j1939_session *session, > > >>>>>> struct sk_buff *skb) > > >>>>>> { > > >>>>>> + enum j1939_xtp_abort abort = J1939_XTP_ABORT_FAULT; > > >>>>>> struct j1939_priv *priv = session->priv; > > >>>>>> struct j1939_sk_buff_cb *skcb, *se_skcb; > > >>>>>> struct sk_buff *se_skb = NULL; > > >>>>>> @@ -1803,9 +1804,11 @@ static void j1939_xtp_rx_dat_one(struct j1939_session *session, > > >>>>>> > > >>>>>> skcb = j1939_skb_to_cb(skb); > > >>>>>> dat = skb->data; > > >>>>>> - if (skb->len <= 1) > > >>>>>> + if (skb->len != 8) { > > >>>>>> /* makes no sense */ > > >>>>>> + abort = J1939_XTP_ABORT_UNEXPECTED_DATA; > > >>>>>> goto out_session_cancel; > > >>>>> > > >>>>> I think this is a situation of > > >>>>> "be strict on what you send, be tolerant on what you receive". > > >>>>> > > >>>>> Did you find a technical reason to abort a session because the last frame didn't > > >>>>> bring overhead that you don't use? > > >>>> > > >>>> No technical reason. The only reason is that SAE-J1939-82 requires responder > > >>>> to abort session if any TP.DT less than 8 bytes (section A.3.4, Row 7). > > >>> > > >>> Do you mean: "BAM Transport: Ensure DUT discards BAM transport when > > >>> TP.DT data packets are not correct size" ... "Verify DUT discards the > > >>> BAM transport if any TP.DT data packet has less than 8 bytes"? > > >> > > >> Yes. > > > > > > OK, then I have some problems to understand this part: > > > - 5.10.2.4 Connection Closure > > > The “connection abort” message is not allowed to be used by responders in the > > > case of a global destination (i.e. BAM). > > > > > > My assumption would be: In case of broadcast transfer, multiple MCU are > > > receivers. If one of MCU was not able to get complete TP.DT, it should > > > not abort BAM for all. > > > > > > So, "DUT discards the BAM transport" sounds for me as local action. > > > Complete TP would be dropped locally. > > > > Yeah, you are right. With this patch receivers drop BAM transport locally > > because j1939_session_cancel() only send abort message in RTS/CTS transport. > > > > For RTS/CTS transport, SAE-J1939-82 also has similar requirements: > > "RTS/CTS Transport: Data field size of Transport Data packets for RTS/CTS > > (DUT as Responder)"..."Verify DUT behavior, e.g., sends a TP.CM_CTS to have > > packets resent or sends a TP.Conn_Abort, when it receives TP.DT data packets > > with less than 8 bytes" (section A.3.6, Row 18) > > You are right. Sounds plausible. If we find some device in the field > which will need a workaround to support less than 8byte, then we will > need to add some UAPI to configure it. By default we should follow the > spec. @Kurt, do you have anything against it? Zhang Changzhong suggested that this is part of compliance testing nowadays. That obsoletes all technical arguments, and you have no choice than to adapt. Kurt
On Thu, Sep 30, 2021 at 11:33:20AM +0800, Zhang Changzhong wrote: > According to SAE-J1939-21, the data length of TP.DT must be 8 bytes, so > cancel session when receive unexpected TP.DT message. > > Fixes: 9d71dd0c7009 ("can: add support of SAE J1939 protocol") > Signed-off-by: Zhang Changzhong <zhangchangzhong@huawei.com> Acked-by: Oleksij Rempel <o.rempel@pengutronix.de> Thank you! > --- > net/can/j1939/transport.c | 7 +++++-- > 1 file changed, 5 insertions(+), 2 deletions(-) > > diff --git a/net/can/j1939/transport.c b/net/can/j1939/transport.c > index bb5c4b8..eedaeaf 100644 > --- a/net/can/j1939/transport.c > +++ b/net/can/j1939/transport.c > @@ -1789,6 +1789,7 @@ static void j1939_xtp_rx_dpo(struct j1939_priv *priv, struct sk_buff *skb, > static void j1939_xtp_rx_dat_one(struct j1939_session *session, > struct sk_buff *skb) > { > + enum j1939_xtp_abort abort = J1939_XTP_ABORT_FAULT; > struct j1939_priv *priv = session->priv; > struct j1939_sk_buff_cb *skcb, *se_skcb; > struct sk_buff *se_skb = NULL; > @@ -1803,9 +1804,11 @@ static void j1939_xtp_rx_dat_one(struct j1939_session *session, > > skcb = j1939_skb_to_cb(skb); > dat = skb->data; > - if (skb->len <= 1) > + if (skb->len != 8) { > /* makes no sense */ > + abort = J1939_XTP_ABORT_UNEXPECTED_DATA; > goto out_session_cancel; > + } > > switch (session->last_cmd) { > case 0xff: > @@ -1904,7 +1907,7 @@ static void j1939_xtp_rx_dat_one(struct j1939_session *session, > out_session_cancel: > kfree_skb(se_skb); > j1939_session_timers_cancel(session); > - j1939_session_cancel(session, J1939_XTP_ABORT_FAULT); > + j1939_session_cancel(session, abort); > j1939_session_put(session); > } > > -- > 2.9.5 > > >
On 30.09.2021 11:33:20, Zhang Changzhong wrote: > According to SAE-J1939-21, the data length of TP.DT must be 8 bytes, so > cancel session when receive unexpected TP.DT message. > > Fixes: 9d71dd0c7009 ("can: add support of SAE J1939 protocol") > Signed-off-by: Zhang Changzhong <zhangchangzhong@huawei.com> Applied to linux-can/testing, added stable on Cc. Thanks, Marc
diff --git a/net/can/j1939/transport.c b/net/can/j1939/transport.c index bb5c4b8..eedaeaf 100644 --- a/net/can/j1939/transport.c +++ b/net/can/j1939/transport.c @@ -1789,6 +1789,7 @@ static void j1939_xtp_rx_dpo(struct j1939_priv *priv, struct sk_buff *skb, static void j1939_xtp_rx_dat_one(struct j1939_session *session, struct sk_buff *skb) { + enum j1939_xtp_abort abort = J1939_XTP_ABORT_FAULT; struct j1939_priv *priv = session->priv; struct j1939_sk_buff_cb *skcb, *se_skcb; struct sk_buff *se_skb = NULL; @@ -1803,9 +1804,11 @@ static void j1939_xtp_rx_dat_one(struct j1939_session *session, skcb = j1939_skb_to_cb(skb); dat = skb->data; - if (skb->len <= 1) + if (skb->len != 8) { /* makes no sense */ + abort = J1939_XTP_ABORT_UNEXPECTED_DATA; goto out_session_cancel; + } switch (session->last_cmd) { case 0xff: @@ -1904,7 +1907,7 @@ static void j1939_xtp_rx_dat_one(struct j1939_session *session, out_session_cancel: kfree_skb(se_skb); j1939_session_timers_cancel(session); - j1939_session_cancel(session, J1939_XTP_ABORT_FAULT); + j1939_session_cancel(session, abort); j1939_session_put(session); }
According to SAE-J1939-21, the data length of TP.DT must be 8 bytes, so cancel session when receive unexpected TP.DT message. Fixes: 9d71dd0c7009 ("can: add support of SAE J1939 protocol") Signed-off-by: Zhang Changzhong <zhangchangzhong@huawei.com> --- net/can/j1939/transport.c | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-)