Received: by 2002:a05:6a10:206:0:0:0:0 with SMTP id 6csp4751891pxj; Tue, 25 May 2021 15:51:29 -0700 (PDT) X-Google-Smtp-Source: ABdhPJxpyKabmDBY8eFIiZRmFgbU2ObjDbhF1/xODm5muXy4LQcxIoxPfFF2hySq71ExhH8Cl9Xz X-Received: by 2002:a17:906:d147:: with SMTP id br7mr31440869ejb.272.1621983089266; Tue, 25 May 2021 15:51:29 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1621983089; cv=none; d=google.com; s=arc-20160816; b=b6YjRgSM5+A5YjVTQQ/Uqh04V0rej1HyU/unpBCD3gvz7r30YFk4VF3VyTfNo7Lf5w ZbRevsFVjD931QHRtLxQAMSts4ylp7PWrh+KKnx6+LlTxo8mal73rdGQ5UQ0vE0AyzkA f2j0rrdOR89fet9bOC/1ZZf1ShxogLpVrwVYte3QO/5j4xLcJ3+bcH17zTo1SGd//onc RNpZUxFJEMvf8ThPSl3Lu/QjIfqseP7gbQphZ1Oq3yGAF+EYRXpMT9Aj48de6EcGiWvQ KqwL0bBVOXAsWTl1tJIuHApbKSz7SqOO0MQZLLN8DTX+vKsUU/CEVGsatjnuHr7xLL1l GSrg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:cc:to:subject:message-id:date:from:in-reply-to :references:mime-version:dkim-signature; bh=WrsMci1wux9x4oI1lZdnvMAiZAs7nx/+sDW4BJc2oWA=; b=KPotCbMvNqLjvUvG5Nfds5IRJSQwm8lbD/w0+gbmFUnYKXOGiTDMYNBbm48OZeHZxf T5GBHzSla0Da3P39EQOTexVq0kFVkj98Pl+dyVy6wjfr7HTewO4dTbxNPhTFtKRX/197 cS34G5ubsKTMgIlTH4L7tohQ+bmD6SOfZgfQDY5M/l6d4IAbYTYd35QWcs89biJszaX3 bPH1Ix9C7edy1w8sMzH6IRysI3ZR+HwT1aw1IqRl3Ky2E6OnECzNnouj1HcE3Qgg8DPY aln7wWQhc4+v8QXBubsc2Uhsom8dDU4yau9rmOfdW7YvvWCjky/4SjI8i0ive6G9svOD hcSg== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@gmail.com header.s=20161025 header.b=Si4cDta1; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id p14si3479224ejd.654.2021.05.25.15.51.00; Tue, 25 May 2021 15:51:29 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@gmail.com header.s=20161025 header.b=Si4cDta1; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S233490AbhEYVsG (ORCPT + 99 others); Tue, 25 May 2021 17:48:06 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:33536 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229610AbhEYVsG (ORCPT ); Tue, 25 May 2021 17:48:06 -0400 Received: from mail-oi1-x22f.google.com (mail-oi1-x22f.google.com [IPv6:2607:f8b0:4864:20::22f]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id D3419C061574; Tue, 25 May 2021 14:46:34 -0700 (PDT) Received: by mail-oi1-x22f.google.com with SMTP id c196so23505096oib.9; Tue, 25 May 2021 14:46:34 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=WrsMci1wux9x4oI1lZdnvMAiZAs7nx/+sDW4BJc2oWA=; b=Si4cDta1BaFLKWOnZTfednW3oPeIYwPrAYErfx/uBNx8GOYakG4Rdi62QgD2+KXZD6 WTmG0nmBb3Ali1rDDWc4iuNpvDoUJR4K+P11tAEG3GYah+CmkTQ+ssA1L3Bk7EAvb/ba UnK9IGRnhRLL1xXh8R4+N7CxFLYD79BDD5zlNJZJtov6JoJXfxJoQDSCYSG2iyCDJty8 kQF0v5CE4Aj+S5vYZs0X1KnHyfoLq6tWQpzRFcQpI83hJTq53MyddUxpDprQke1jhet1 +yIOElA0LcutYsh7XSW5Oe8R4Jlm7Pf0ibc8wP6+OYNPkehesVaURecbs3nlBViVRBwt DeUQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=WrsMci1wux9x4oI1lZdnvMAiZAs7nx/+sDW4BJc2oWA=; b=UblDXCvPKo83cLxn+o7fOTKuh4oZWIHSA4dR1Ncq/GKpzyWj4o+3CTepM7OADiS4go MuBa0Lsr6KAnLwCcMp2tnwXkRRWqpMlUoL7XRFjICPKhVkprXXV7Tn24LuMccZ2HnHMO lwIOd1WGei9lxEy8RWAW/iu29GcvoL+j0oOsl6pE/2dSp4m8LtND5KKsG9aDeTvPnGq7 NHyxIyiNxZCNF/tOpe6bfo/o8Qes7lZd1s9BpkDcx5VJs8zVcP12IzYz+jpiCemSbdO4 y2lIADORs8XvsagfZFP67krcOC2hQKBvb99b61IoqZyRfZf3okRO3x9lwvEqABTh2Q1Q CoNA== X-Gm-Message-State: AOAM531h3PRh84BOkKu2LgCiHNkgcfNZ3uoNn2H86qetOzltOb1vBpxU CA00NAQPhg5afq/PCRSsdCGf8usNbTZ/z9L20g== X-Received: by 2002:aca:1015:: with SMTP id 21mr15505843oiq.92.1621979194196; Tue, 25 May 2021 14:46:34 -0700 (PDT) MIME-Version: 1.0 References: <20210524185054.65642-1-george.mccollister@gmail.com> <20210524212938.jaepbj5qdl3esd4i@skbuf> In-Reply-To: <20210524212938.jaepbj5qdl3esd4i@skbuf> From: George McCollister Date: Tue, 25 May 2021 16:46:21 -0500 Message-ID: Subject: Re: [PATCH net] net: hsr: fix mac_len checks To: Vladimir Oltean Cc: netdev , "David S. Miller" , Jakub Kicinski , Murali Karicheri , Taehee Yoo , Kurt Kanzenbach , Luc Van Oostenryck , Wang Hai , Phillip Potter , Andreas Oetken , Marco Wenzel , open list Content-Type: text/plain; charset="UTF-8" Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Mon, May 24, 2021 at 4:29 PM Vladimir Oltean wrote: [snip] > > + ret = hsr->proto_ops->fill_frame_info(proto, skb, frame); > > Nitpick: hsr uses "res", not "ret". > Oops. I'll try to pay more attention to what is used in the existing code next time. [snip] > > I admit that I went through both patches and I still don't understand > what is the code path that the original commit 2e9f60932a2c ("net: hsr: > check skb can contain struct hsr_ethhdr in fill_frame_info") is > protecting against. I ran the C reproducer linked by syzbot too and I > did not reproduce it (I did not compile with the linked clang though). I think it's complaining if you access more than mac_len bytes from the pointer returned by skb_mac_header() but I'm not familiar with this bot. Thanks for testing the patch. -George