Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20;
From:   Vishnu Dasa <vdasa@vmware.com>
To:     Artem Chernyshev <artem.chernyshev@red-soft.ru>
CC:     Bryan Tan <bryantan@vmware.com>,
        Pv-drivers <Pv-drivers@vmware.com>,
        Stefano Garzarella <sgarzare@redhat.com>,
        Jakub Kicinski <kuba@kernel.org>,
        "linux-kernel@vger.kernel.org" <linux-kernel@vger.kernel.org>,
        Linux Virtualization <virtualization@lists.linux-foundation.org>,
        "netdev@vger.kernel.org" <netdev@vger.kernel.org>,
        "lvc-project@linuxtesting.org" <lvc-project@linuxtesting.org>,
        "David S. Miller" <davem@davemloft.net>
Subject: Re: [PATCH] net: vmw_vsock: vmci: Check memcpy_from_msg()
Thread-Topic: [PATCH] net: vmw_vsock: vmci: Check memcpy_from_msg()
Thread-Index: AQHZBqGb35ZyQ9z5mEiW229BBPzKAq5bXMUA
Date:   Sat, 3 Dec 2022 01:17:33 +0000
Message-ID: <702BBCBE-6E80-4B12-A996-4A2CB7C66D70@vmware.com>
References: <20221202225818.3934909-1-artem.chernyshev@red-soft.ru>
In-Reply-To: <20221202225818.3934909-1-artem.chernyshev@red-soft.ru>
Accept-Language: en-US
Content-Language: en-US
x-ms-exchange-antispam-messagedata-chunkcount: 1
x-ms-exchange-antispam-messagedata-0: =?us-ascii?Q?asvQdz43TSpYl+krkht9L4ZOOYOuXOhgsxzyIaJMPh22bgXTEfKDMWJtRwBs?=
 =?us-ascii?Q?CibJiCT7fHCPCGE5zpo88lgDlITPFysvbWKbaQN/SnxEIkjCoFtTvLYrDJAU?=
 =?us-ascii?Q?rBp+7pyvxwEdafC2h0ns32ksICDPpddYRi4GW7lczfR91ZxwLi5QOd2lPfLg?=
 =?us-ascii?Q?BpKM4r7Ea8lX6ZZ/CYWMyPcu7D8o8st8pYMDbekQIg8uBT1LjzwYZs0DrRwy?=
 =?us-ascii?Q?Sb/Y7v5Evdy7zl1Chrrfh2OeN/5oEzCicIgyTku4wny8c7LAVH0V/bK9fZ+P?=
 =?us-ascii?Q?dU8RGCa8DjilSdaUEQjyQ3ooDwx1S5f4xmjCge6dCgPvc6aZpMkE3IuDFXJN?=
 =?us-ascii?Q?MC5BQk0j4l6oMDv4wpQPmdHCOtubPjOj4On/XXXwO2snAcwdmJNdor138jgt?=
 =?us-ascii?Q?/Oh4lOpnmX8UrjllJn5urSg9qjL4KVXe/aCK/L4kulUQk3Bg6iPJBfk2SVn7?=
 =?us-ascii?Q?qAO1e5BvzqSXAg2Sm1Wt3//2Ebf3bt+3OwJLdUCDgBDn0LEN811zcvn25rf4?=
 =?us-ascii?Q?Bmb5qW6t9bSelnEEls+PmWQBCeVMRnn8OIfRS8tBv9OcUrkHuSRePGf9QVy6?=
 =?us-ascii?Q?xfMd8pAcuLyaU1BqjShMYGgf8aJxRsSOJLSCgO7Qlsidfm/3mjWIpzRQahfu?=
 =?us-ascii?Q?2n+ZbG/xlNPGS153Q4mqVl0MVMsemKl3+botZGrlxIYnazR5GB8l4hMKr9ed?=
 =?us-ascii?Q?nau6kZqGUh6rFxNqA4IynvRcFMLG4EMQ2yFvgg50LYqURkIPGuV80FDHhYVp?=
 =?us-ascii?Q?WePVEx3t/NytSyO5iHsV0+/SKrmbVHHQGpIoJ9CeQHkz8GIO/M753yIbCrm6?=
 =?us-ascii?Q?o8iNpdd+Qo/lTWgBL8Y/1yx714S2yYQ20rXqKQvE1koYIe4Qnq4OfLPbWguj?=
 =?us-ascii?Q?jw7drmEHEOvR+adV1tbg5F3yIT22OWwa9Hv0TKJbD4DiHGvqvGNHYkBJZoKe?=
 =?us-ascii?Q?MSOFRX3GJyQhbt9cDq+9J8kE8BMqhBBG/ObcuyWOUq9ZF1PMpn1ZG7r8XmhD?=
 =?us-ascii?Q?5vt/2UobVORlQbTg650er6ehNcUG7foef/TWfhfu4Rt2rpOxMq8hRTWhWyZO?=
 =?us-ascii?Q?Ze4jq4R6VVI++hbhH0aFbL5gdKtIfWP3PaKXfgAJve3ayFNrlZVHvAwMqjD1?=
 =?us-ascii?Q?1lr2oehYVwLXZBrshtUKwWxFxQb4N5bbIkdNwtkmddC7J3n4ZvEK/8ljjBsI?=
 =?us-ascii?Q?cS1SyDozBJreNE9QOa9kr2h2fSP4IixDnke2I1OCuGZ/rtXnRoSGzWoJ5Ecv?=
 =?us-ascii?Q?1GbivFNVB2z64D2s2KCxySTnKZzO+V5l2AQJTs2IX/T9rCPyaGBliJ3lXlaC?=
 =?us-ascii?Q?eYloG7CkXPn7/CfDupZrfwxJkuMjf/zi0iyVhz+WRms57XrPjxTeoBTIYzmL?=
 =?us-ascii?Q?kTWix0yV0DYqKmUUSfiC1e6ySC3z2S4WqZz7Ryz/tJaB+KPlqufp6dY0Kwt4?=
 =?us-ascii?Q?/7po99+1zl/5nzEWryA/myH+Lv6Pj550w6haTYRyy1FjtbQ+/0X4XvCxlHkh?=
 =?us-ascii?Q?i+TpRn/j5eaHOYSvcO8a/Kh0nj2ffdAnVmNceVHbuOdIQ3p40e7wh76ZQA1Y?=
 =?us-ascii?Q?VKdd7AjMtdgc7O9igc+CYvRcvwgKJKyZgqF97eQ2gvLThB61U5VMmKMGfWTX?=
 =?us-ascii?Q?2RKiRf+Fw0uN9/rWzVK158vqS/TTsZgM7XrXghmpiZWe?=
Content-Type: text/plain; charset="us-ascii"
Content-ID: <7E63B8CF4B48EA4690AA573E066E001D@namprd05.prod.outlook.com>
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-OriginatorOrg: vmware.com
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: BYAPR05MB3960.namprd05.prod.outlook.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 9bfc709e-1439-4fa8-418d-08dad4cc27bb
X-MS-Exchange-CrossTenant-originalarrivaltime: 03 Dec 2022 01:17:33.0721
 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: b39138ca-3cee-4b4a-a4d6-cd83d9dd62f0
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: z1/2v5aQEc1f1j9Wx34IIc6w1y5ZZF2vmFfKi1qPaP81zkGUUu7kMWlw6+cxvwYQek3vKEP44kwXVx7rnwyx1A==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: PH0PR05MB8511
X-Spam-Status: No, score=-1.1 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH,
        DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,FORGED_SPF_HELO,
        RCVD_IN_DNSWL_NONE,SPF_HELO_PASS,SPF_NONE autolearn=no
        autolearn_force=no version=3.4.6
X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on
        lindbergh.monkeyblade.net
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org


> On Dec 2, 2022, at 2:58 PM, Artem Chernyshev <artem.chernyshev@red-soft.r=
u> wrote:
>=20
> We returns from vmci_transport_dgram_enqueue() with error
> if memcpy goes wrong

Thanks for the patch.

Nit: could you please update the description?  Maybe something like -
vmci_transport_dgram_enqueue() does not check the return value
of memcpy_from_msg(). Return with an error if the memcpy fails.

>=20
> Found by Linux Verification Center (linuxtesting.org) with SVACE.
>=20
> Fixes: 0f7db23a07af ("vmci_transport: switch ->enqeue_dgram, ->enqueue_st=
ream and ->dequeue_stream to msghdr")
> Signed-off-by: Artem Chernyshev <artem.chernyshev@red-soft.ru>
> ---
> net/vmw_vsock/vmci_transport.c | 3 ++-
> 1 file changed, 2 insertions(+), 1 deletion(-)
>=20
> diff --git a/net/vmw_vsock/vmci_transport.c b/net/vmw_vsock/vmci_transpor=
t.c
> index 842c94286d31..7994090e0314 100644
> --- a/net/vmw_vsock/vmci_transport.c
> +++ b/net/vmw_vsock/vmci_transport.c
> @@ -1711,7 +1711,8 @@ static int vmci_transport_dgram_enqueue(
> 	if (!dg)
> 		return -ENOMEM;
>=20
> -	memcpy_from_msg(VMCI_DG_PAYLOAD(dg), msg, len);
> +	if (memcpy_from_msg(VMCI_DG_PAYLOAD(dg), msg, len))

Need to free dg using kfree() before returning.

> +		return -EFAULT;
>=20
> 	dg->dst =3D vmci_make_handle(remote_addr->svm_cid,
> 				   remote_addr->svm_port);
> --=20
> 2.30.3
>=20