Received: by 2002:a05:6a10:206:0:0:0:0 with SMTP id 6csp3201646pxj; Mon, 24 May 2021 00:46:47 -0700 (PDT) X-Google-Smtp-Source: ABdhPJxiXs/2Yv8Sx18UTNUBg3Tp9n1aFT8GQU3U5K1Z1FGRmdW+BASEOikpuue1Nk+Jsw2cD6qN X-Received: by 2002:a92:c243:: with SMTP id k3mr16985496ilo.81.1621842407365; Mon, 24 May 2021 00:46:47 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1621842407; cv=none; d=google.com; s=arc-20160816; b=vwabcNpGnlQ8rWi7rvqVj4UkQtDVebGrRoTrMKx3+8EuD1rI7pgOSc0baJe3/n4Up3 /p70aOaHXy4YjJK5ReNkmvaNFrGX4qPWrWYM1l4294IOMHGNrrvZSVttnhvOdfW98sAg /iQKqvffRJKQ0VWWhwuggdwsFTRvGR3uVkAQNkwVNS030i8G3yZOaBq9JnPhKuLmlF2E Xugv+if2SB2Ywyl2gzCQRyshAh4vgTknX65sjl9jwuKxJf1CU6Xzfz/v8I0OOJ/7nT8y aYVgdwJRrKcdLA6DUkIHKppKz6+m/Y8UBlk8ZRGoqjNnL2Zwdf4q/Fnn4+tndKz4mWsy zUWw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:in-reply-to:content-disposition:mime-version :references:message-id:subject:cc:to:from:date:dkim-signature; bh=TNAXKEi8xIGW/A8i1h1ZTZWJ61jLGaeIqkiVk/DKHq8=; b=NztTGUgPELDF42vuS53z5KbSeyoLJfa74u5VEbe45FAYUVtyVZ/ZjgqwoE9pEcsg7K FjaCmGTQl/HcJLLLr8hQX3zwWsBge/RBph3UuL61SSHGBCIOif9uFC/wq7uLl3lldbgm F+lA8YOfSlnS6/YXFsI40YzCAbNf+CDpmZoRK+9C9eYYzdb6Z3gGUPXj5F4mZe4YwPFN xZBWiESD0yyzLMJG//wrryw7EvZVn2XShVUam4AmV7tspv1Hs8jMp+zv7SOsCQFkdNlu 5piI9DabDcYnCzNohfXrytCAIDBaPdVlNri97QK0oXFdsmSe9rdaIkflRYwF63JQ2ZN1 mjMw== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@kernel.org header.s=k20201202 header.b=EEptFrgY; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id w12si14024599jad.49.2021.05.24.00.46.34; Mon, 24 May 2021 00:46:47 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@kernel.org header.s=k20201202 header.b=EEptFrgY; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S232318AbhEXHqC (ORCPT + 99 others); Mon, 24 May 2021 03:46:02 -0400 Received: from mail.kernel.org ([198.145.29.99]:40106 "EHLO mail.kernel.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S232254AbhEXHqB (ORCPT ); Mon, 24 May 2021 03:46:01 -0400 Received: by mail.kernel.org (Postfix) with ESMTPSA id 17C1D610A5; Mon, 24 May 2021 07:44:34 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1621842274; bh=z1C+QyseZ45GbVWwYhu5yBGWudxghE44niAVgptWqf4=; h=Date:From:To:Cc:Subject:References:In-Reply-To:From; b=EEptFrgYnoVewuNRXXBInrpG2Hc9P5zKBh/cdyYLgkVvJR06iivgB9otwT4wdXJ4h 3wytJWF7qQ9m/llsbpZrM18cufHG5c2Uh8NdzhxLeBbMZheDqnCmH4paXgNPQVD+K6 YcIwsq29No2qXT+5Bn6CJ+SSkFjZ6Wn9WwHt1jKWKmfN5Bu5GgUl/NizneqYe3QIw3 fo5krE+3IcmyhQu8XX5cjpKxgAaK9kaJm9DbdSezfsOkpaGnoItrJBeCX2hQ0eDudI fGWJK6GycievUMv7eW2ieyAweY6JloW0Myje8hAVVDOOwQv5usivK+lU3MACMFBxrT /v6SzM7+xn68w== Received: from johan by xi.lan with local (Exim 4.94.2) (envelope-from ) id 1ll5GI-0003yK-2U; Mon, 24 May 2021 09:44:31 +0200 Date: Mon, 24 May 2021 09:44:30 +0200 From: Johan Hovold To: Hayes Wang Cc: Greg KH , "kuba@kernel.org" , "davem@davemloft.net" , "netdev@vger.kernel.org" , nic_swsd , "linux-kernel@vger.kernel.org" , "linux-usb@vger.kernel.org" , "syzbot+95afd23673f5dd295c57@syzkaller.appspotmail.com" Subject: Re: [PATCH net v2] r8152: check the informaton of the device Message-ID: References: <1394712342-15778-363-Taiwan-albertk@realtek.com> <1394712342-15778-364-Taiwan-albertk@realtek.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Mon, May 24, 2021 at 01:49:33AM +0000, Hayes Wang wrote: > Johan Hovold > > Sent: Saturday, May 22, 2021 4:07 PM > [...] > > > > + if (usb_endpoint_num(in) != 1) { > > > > + dev_err(&intf->dev, "Invalid Rx Endpoint\n"); > > > > > > "Invalid number of Rx endpoints" > > > > Here it is the endpoint number (address) that is being checked so > > "number of" would be wrong. > > > > That said, perhaps none of these checks are even needed a bit depending > > on how the driver is implemented. That is, if it hardcodes the endpoint > > addresses or uses the result from usb_find_common_endpoints() above > > (which I realise now that it does not so these checks are probably still > > needed). > > The purpose of the checks is to find out the fake devices. That is, even > the device supports in, out, and interrupt endpoints, it is treated as > fake or malicious device, if the addresses of these endpoints are wrong. > Therefore, I would keep the checks. Strictly, you need to check for bad input which could cause your driver to crash or malfunction. Generally you don't need to verify endpoint addresses unless the driver is hardcoding those. But since that is precisely what this particular driver is doing, these checks indeed need to stay. Johan