Received: by 2002:a19:f614:0:0:0:0:0 with SMTP id x20csp59434lfe; Fri, 15 Apr 2022 19:27:06 -0700 (PDT) X-Google-Smtp-Source: ABdhPJzHVCyfwq+Az/WorbRcudCxUE9buA9qNZZycIjnYW5dDWVaIGIFqubslxLk2qaYB8oxeO+m X-Received: by 2002:a05:6a00:1589:b0:505:90d4:c708 with SMTP id u9-20020a056a00158900b0050590d4c708mr1658519pfk.44.1650076025757; Fri, 15 Apr 2022 19:27:05 -0700 (PDT) Return-Path: Received: from lindbergh.monkeyblade.net (lindbergh.monkeyblade.net. [2620:137:e000::1:18]) by mx.google.com with ESMTPS id q11-20020a056a00088b00b004fb1544bc72si3384978pfj.353.2022.04.15.19.27.05 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 15 Apr 2022 19:27:05 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:18 as permitted sender) client-ip=2620:137:e000::1:18; Authentication-Results: mx.google.com; dkim=pass header.i=@suse.com header.s=mimecast20200619 header.b=WRUrn9+E; arc=fail (body hash mismatch); spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=suse.com Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by lindbergh.monkeyblade.net (Postfix) with ESMTP id 33303F4603; Fri, 15 Apr 2022 18:39:12 -0700 (PDT) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S241582AbiDNJP7 (ORCPT + 99 others); Thu, 14 Apr 2022 05:15:59 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:56468 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S234205AbiDNJP5 (ORCPT ); Thu, 14 Apr 2022 05:15:57 -0400 Received: from de-smtp-delivery-102.mimecast.com (de-smtp-delivery-102.mimecast.com [194.104.111.102]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id EF14D6E543 for ; Thu, 14 Apr 2022 02:13:32 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=suse.com; s=mimecast20200619; t=1649927611; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=MlMey9xYnAFQSsOJ2uTulGHgh8/7c+NyApR2zr+7Z00=; b=WRUrn9+EsFDqa0ahqTCJ60K4/9kAC34K6slr8gGGbZh3sHIWzPPvqnF25gAlzm8jkNgiu5 ESlzTIGioY784Br5lVCxGNLMqeWZcsjG00L8evnLNOt89Et1N35mpHU1I/sLDtc+8PZ+Ov r3VYFiQ21S1+NWw0n1Y9xheOIRKcQs8= Received: from EUR02-VE1-obe.outbound.protection.outlook.com (mail-ve1eur02lp2054.outbound.protection.outlook.com [104.47.6.54]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id de-mta-36-6ccfoGUTOuWqAoq6TB-BYw-1; Thu, 14 Apr 2022 11:13:30 +0200 X-MC-Unique: 6ccfoGUTOuWqAoq6TB-BYw-1 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=MuLZrIteIj5CsMe2TJ1PsK9uh9T8YxeQ4FGIcpMLsVQ/pc/NYhkhfe48x/vkZz2TW0XAmNPs9s07HnoRtCgVTmTQPpgOAbKnPR1cKxFHueip2RsJughl0zmGIG+cFV2a+ZqOKD5oOIO7WVy1b/yLQt1tV+hBbPt5f3DY/bDSyhsqpP10oDZXzko15NSATK1m8ukLlKaDy7gqcstk73sd4ul94HMGVAZ7qGFgW3b9qmMTtwXttNAXflwHSEc/X7PxvFDbdcHkmNL7Dee3Y1bFJp0UCfJpbtWZSAcoZ1hSHHW0sLisBR9J3vcJV8yN3Gh4HLDPIYVDmYcBSYwzy+6P3w== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=izy5GNUjRqgtpu+RLGypPNA2X4mSeDZ102v4GigUClU=; b=NvUzpitx8iT1jM2m2SLnndHGMstAMtw3wRfp2+BnB+Ui2mS+63YS4y2snyGV0r0KZKARqJ5TnlOWGRLrDo6Cfh8fC6tvu7t1YnxPbU6Ihl+U47jpsYlmX+3pbjBJzRFRk6hYZol9YMsaA2nvp11mjj+FnJxEQB1GLnSwW6Nh5kym4DBjVhvd8klKhnMnzDv9nBjWpPiTZltokhpTS3RqRUw311HHBZz5mKvfC5mWaGUsoxak9DvhTi4LSPHnnMwFaawMwOhY3MYKjz1RQhojSSblW3wYjD4DMZ8Myapy2PQ/Bes9JmeCTGyeYTGjnbh4YfKLriPAJqBRd83nDPATHQ== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=suse.com; dmarc=pass action=none header.from=suse.com; dkim=pass header.d=suse.com; arc=none Authentication-Results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=suse.com; Received: from VI1PR0401MB2526.eurprd04.prod.outlook.com (2603:10a6:800:58::16) by AM8PR04MB7377.eurprd04.prod.outlook.com (2603:10a6:20b:1de::6) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5164.20; Thu, 14 Apr 2022 09:13:28 +0000 Received: from VI1PR0401MB2526.eurprd04.prod.outlook.com ([fe80::8c82:19c5:ce96:491b]) by VI1PR0401MB2526.eurprd04.prod.outlook.com ([fe80::8c82:19c5:ce96:491b%4]) with mapi id 15.20.5144.030; Thu, 14 Apr 2022 09:13:28 +0000 Message-ID: <0ece0ee4-baca-bff6-89e0-ad10483a5f8e@suse.com> Date: Thu, 14 Apr 2022 11:13:25 +0200 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:91.0) Gecko/20100101 Thunderbird/91.8.0 Subject: Re: [PATCH] net: ax88179: add proper error handling of usb read errors Content-Language: en-US To: Dan Carpenter , Oliver Neukum CC: David Kahurani , netdev@vger.kernel.org, syzbot , davem@davemloft.net, jgg@ziepe.ca, kuba@kernel.org, linux-kernel@vger.kernel.org, linux-usb@vger.kernel.org, Phillip Potter , syzkaller-bugs@googlegroups.com, arnd@arndb.de, Pavel Skripkin References: <20220404151036.265901-1-k.kahurani@gmail.com> <20220404153151.GF3293@kadam> <20220413153249.GZ12805@kadam> <523330e4-cbd7-62a6-9368-417534ddb0b6@suse.com> <20220414082115.GA12805@kadam> From: Oliver Neukum In-Reply-To: <20220414082115.GA12805@kadam> Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable X-ClientProxiedBy: AM5PR0502CA0002.eurprd05.prod.outlook.com (2603:10a6:203:91::12) To VI1PR0401MB2526.eurprd04.prod.outlook.com (2603:10a6:800:58::16) MIME-Version: 1.0 X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-Correlation-Id: 9c66fc3e-d974-4997-99f2-08da1df7099e X-MS-TrafficTypeDiagnostic: AM8PR04MB7377:EE_ X-LD-Processed: f7a17af6-1c5c-4a36-aa8b-f5be247aa4ba,ExtFwd X-Microsoft-Antispam-PRVS: X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: oQEiH2y5/vH7Lj0RnXXKJflWx/fXIasWhRKb+9AQBEmLu9DArRAeY63qhygYoczX5nzHT3RgzLtB3SUvcy+oz2x5he+hoj6SjXSEdg2Vp+mx4OMSH0lco02NaAprDp4Mvi+REvuRPviPhOd/9vIDHMnX/pluS9opJ6/taGqEy4NGlkbYb1iILmDaao14UBi2a5g0bVaucg+bd4u123tMOvURbuXxoVxBhr02XfKVj6+lzuclCfOggDCi4/mPX/IXWc+lXL+YzUznODhNXdNt0j3ud/+sWp/cAAsbWtHOomB/0JM/2sya3TUA1ipoc7ZOFcCbq781sL4wM2fxfUqSzJCr9NnnNoiwM0tmkdu9swgBwqwi9ZR+oJ+kBfppZAxEZ2dJWtMGNNSLnis8dH0oyPcplnoEQV7UQTD3nsNjQpqHtSpPtwmnAZ1aSHfWRDZ/IZbaxMD0qsO4hsZSMK+U+EUEvFnXSYv0UOvUfASxkI3cRybs0FRGuEs72tKrJtAwP0MGOhsdV4+eeHLcH1N8USkw9fsnkNlxYWmj5YGbqMk5zM3Y5c4XjLdT9OkvSvLF5XETeLwNcTRXWHIs6SjZ+Y9r1J9GOuXmAotGnYgssbD4MobieMziKcwPf8oVHJBsyOStzZxG5s4co9IMcSo86fVD0ovnIe4f9QLPvm1eFE3MgZaCZcb3gvTn+HFVs57cT+ZBfwtarCvekfjfGihJngV3FNytpxL7mWkBzSpa8BY= X-Forefront-Antispam-Report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:VI1PR0401MB2526.eurprd04.prod.outlook.com;PTR:;CAT:NONE;SFS:(13230001)(366004)(38100700002)(53546011)(6486002)(4326008)(8676002)(36756003)(31686004)(66476007)(66556008)(66946007)(6506007)(2906002)(8936002)(6512007)(2616005)(316002)(7416002)(508600001)(186003)(110136005)(5660300002)(54906003)(86362001)(6666004)(83380400001)(31696002)(43740500002)(45980500001);DIR:OUT;SFP:1101; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 2 X-MS-Exchange-AntiSpam-MessageData-0: =?us-ascii?Q?6HRBIh6EEzGjN4sAyWY939LuMJWtBsypWubRZYvZfPC9Hh76swx0EyWLNLeI?= =?us-ascii?Q?4kJf8GTbLBPzpYVHFJu+YjmkT+DmLsjCC6Ns4KjnRWKS0wQrfy91vsdXWTFy?= =?us-ascii?Q?6uDIw3UTzqzeKwUh+UIkSZzwR0QxQe6RworTEMy38CSwhLd5boOEVaXyjSNl?= =?us-ascii?Q?aICfSWoqasdsyjA6cyvzg5jt0a2WBBUFdvrV4WfUxrgJ+MzzDmWjswz5o2wy?= =?us-ascii?Q?OXRNA8Z2T0kvkOxtxz7nAa2vAeliPTgaPSksQ42xDjNa+lRk5NRXw9aDuAa1?= =?us-ascii?Q?Ej/s04HKo8bvVikhnAKOuL4P7PzUOU0j4kCI6Z3lDrLD/cTih7atEPWYKPZj?= =?us-ascii?Q?0sFXsfPGHIlSef4fH7GFlUudbWVr/NwAUCoTxHBM/o68BUpJR4IvSNqm15ze?= =?us-ascii?Q?pBqb11WHCJDb4eROTqE0+bG7YRVDSUppf5rvuRjyNd0iBR1cm4rrf3rxstcc?= =?us-ascii?Q?iMRHiNRrN7f6iPZ3gne6e+q0V6qFAjLkkuF2beYJdJjaGNvWXwMw3kGxZxOM?= =?us-ascii?Q?k8+4vLKYplYJWmsfjIOd+ABnz3qiFPvZPytHGg7K8UlCqwlQmc85wlwcBFmu?= =?us-ascii?Q?q+tfqlrwLdfVWKU8k34LxloKWXiyc3qJEMndJBnb83xFwmluxT+Tha4PGhki?= =?us-ascii?Q?7pq551K6llGvF3S3ziBFl79hCQIAWTc+wQ/LgENdp3vQm8qao1ZlewrA30fE?= =?us-ascii?Q?yLORkj6eNeaOOYpE0SnFghbVKPhw1fYylnMqVCQr4FxOPbPgtS458MsZQNGg?= =?us-ascii?Q?rK9qH2rmHuCSdGqrLkN45Cnpl1X+IbFm9M4Qwu6Tdl9I9kkG0GbZMYFAf1yJ?= =?us-ascii?Q?ReROJU28czuLvCQBPG2ZRHvB7KrvraEV57b9ne09m+JO8mx8EwMF8LF/3RML?= =?us-ascii?Q?I6ml4KGAMSnHaR9vdwlAYXP8X4cRf11l+Ek1lJKjpTGIzWyyAEGdHUIeI1G8?= =?us-ascii?Q?jpaKTvQUeHGDexW/ZqXSJbYNCpC1rF74r9cAohQdqXVB+7Sj7xgfPX3Z5F83?= =?us-ascii?Q?uwQIr5KJt5MozlVWr8smoZzQyroztjyMBnoBvL0Coc+qg8yHlLYFRIIBMM9v?= =?us-ascii?Q?IVWFLn5XgZu2zAfN+d+UYNb8+P/KWWYEfxbGEOloCzsVw8J29Vf4zEwBWLQx?= =?us-ascii?Q?iZ876aNWrPW5+R6+eaGpbyEwUCuf+1o918YwSnI/L5Z1xVrUvLiYjJwnl/Le?= =?us-ascii?Q?Hgf6yq/tnDzAuLtPS9q1ERYWQyBEt3MDtZ5tN2p3eigFN9MVNRFOeYxczVUE?= =?us-ascii?Q?7fYQrOjER7jIY1WTsJoEyAJnT11i7VX10+ODs2Zb/u3v/PUpxDM3N8NYHWVx?= =?us-ascii?Q?L8fAAna0d4oN6vZljPx0sl8bmk03L2SJOm15zjrAH00anGuoRaUoJfjQUpHh?= =?us-ascii?Q?D4fmEZfpCrjz3a3GACzXnHTfWovc4suzSXvlaLK/42x0IThyX3MEM6bbxLKu?= =?us-ascii?Q?yfMsa0Q14cMcgyhjNjjz1yjVsP+mhUWM9Wo5PhJv3CBn3oNffshwnRG1IPt0?= =?us-ascii?Q?dRLbdSV5ZeYI+aFnRkqcH9G8BB3hYF2QrWN/KYdkqpXsz5jGOyP9U336kZus?= =?us-ascii?Q?oqoRRwCHpwTkYA26c3U0U0z2qA5WVe43+7BQh7LLxbvWQ7t0UUG2DbtM02ox?= =?us-ascii?Q?2q69+4BnldmLxpdbL0Zr++rqaMDU9VjZtrPifZn7iJcT00IkrV4J5DJSyjrU?= =?us-ascii?Q?vC2qlCZGx7HielXGaMQr48XcNxhZkyYxJLBy1snS0BG+qQFMQ6mY53UEUs14?= =?us-ascii?Q?iccWU9RKRuQGZiCrLqhvR3BU+Afxl1eHnczj1xSOSvC4fu5a+FmTtxITiUKA?= X-MS-Exchange-AntiSpam-MessageData-1: gAOi9NJtaEkttQ== X-OriginatorOrg: suse.com X-MS-Exchange-CrossTenant-Network-Message-Id: 9c66fc3e-d974-4997-99f2-08da1df7099e X-MS-Exchange-CrossTenant-AuthSource: VI1PR0401MB2526.eurprd04.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 14 Apr 2022 09:13:28.4050 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: f7a17af6-1c5c-4a36-aa8b-f5be247aa4ba X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: wLq9x1l8YRsQb0dU38EYSG4r5rSCvry03IvYF11LYjVrBdQNi7JMm4isqYg7bGIxiEzG6FCoqD1fAEl9xFtaxw== X-MS-Exchange-Transport-CrossTenantHeadersStamped: AM8PR04MB7377 X-Spam-Status: No, score=-5.8 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS, MAILING_LIST_MULTI,NICE_REPLY_A,RDNS_NONE,SPF_HELO_NONE, T_SCC_BODY_TEXT_LINE autolearn=unavailable autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On 14.04.22 10:21, Dan Carpenter wrote: > On Thu, Apr 14, 2022 at 09:31:56AM +0200, Oliver Neukum wrote: >> >> On 13.04.22 17:32, Dan Carpenter wrote: >>> Bug: buffer partially filled. Information leak. >>> >>> If you return the bytes then the only correct way to write error >>> handling is: >>> >>> if (ret < 0) >>> return ret; >>> if (ret !=3D size) >>> return -EIO; >>> >> You have to make up your mind on whether you ever need to read >> answer of a length not known before you try it. The alternative of >> passing a pointer to an integer for length is worse. > How is it worse? Can you give an example, so I will write a static > checker rule for it? My favorite example would be: int usb_bulk_msg(struct usb_device *usb_dev, unsigned int pipe, =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2= =A0=C2=A0=C2=A0=C2=A0void *data, int len, int *actual_length, int timeout) The actual_length parameter is horrible. Now, there are situations like thi= s where this pattern is unavoidable, because in addition to an error you can get a partial completion of an operation. Do I see it correctly that you would prefer this pattern even if you could report either an error or a result in the function? > There used to be more APIs that consistently caused bug after bug where > we mixed positives success values with negative error codes. We > converted some bad offenders to return the positive as a parameter > and I was really happy about that. > > Another example I used to see a lot is request_irq() saved to an > unsigned. These days I think GCC warns about that? Maybe the build > bots get to it before I do. > That needs to be checked for.. In fact while we are at it, do we check for integer overflows? =C2=A0=C2=A0=C2=A0 Regards =C2=A0=C2=A0=C2=A0 =C2=A0=C2=A0=C2=A0 Oliver