Received: by 2002:a05:6358:f14:b0:e5:3b68:ec04 with SMTP id b20csp3879496rwj; Tue, 20 Dec 2022 03:15:54 -0800 (PST) X-Google-Smtp-Source: AA0mqf44vU0TdidQkp48BTVBWGuUlDn+G7rkdx/Rr3NfkeEe+ReFgHlNoX5cdkS4rgzZAcNuc0Ms X-Received: by 2002:a17:902:bb8b:b0:188:760f:d831 with SMTP id m11-20020a170902bb8b00b00188760fd831mr44415015pls.7.1671534953981; Tue, 20 Dec 2022 03:15:53 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1671534953; cv=none; d=google.com; s=arc-20160816; b=FBk7IvS+sHT08AbSKhHPOKHuWCxAZiJZGiVvgNbeyQw6g/xBbIFSzRch1EB6ouo2LI dw1y/7LF1Fr2NeyI18w7sy67mvMPwTWFZXpytficR2EGZUbp49+UizKAvtwbJcqI7slo dBM05519KtsVP0JIG3pdccf0xuWc7m0UHOiNpu/Ovub33EoxQX4JlFy7tQBSPkuaOodA umCP2/1R24SPsn82QixmKEsUAG6aqaOsjdq44MqjwsaefXmbAN3XxNYtxIYVxbnFCEhL 6jF2EwOiiTWcyQ8B4VinosJYeZOWcsl7QjwIUeZ2wmlqAt3y1wIYraAwrsI8GhthhnYu 45nA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:cc:to:subject:message-id:date:from:in-reply-to :references:mime-version:dkim-signature; bh=3J2t6zleCgSaKLgdwsyrOWk3vUr6ggb3hDwqkO8Hsk8=; b=ZvMipFhsvmmg6527omlok8l3Q2CS0/AlcOM0GwFT4w3OWyjhHfhNGO1fGBk8A04udU /Jcrb1JG9Oz74xvepFmq+O6YSakQEPGtu7RrSvu3jlHrjZEjYaFJ1GIUKXdKnMqvoJRY rszHqpbVCLCB+ykp6jr7n5zcWeUqqUFPztqOaxAuqRwtpKvixRlssZGTWBxoXcHkb0UN x+fQVkePUy8FVIINLcNW8wo8betm4vrzs5RXOb/YUYleL3en9BfnMlZh2BBZXqBypRaU cEKU0nB9B8bPbwQ4Cd3FZeBb2n4zLFjyohAa41wc1aEFUvbWXdVUI8ECe/x5CBMqnG+8 jR+A== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@bytedance-com.20210112.gappssmtp.com header.s=20210112 header.b=yhJTjcPy; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=bytedance.com Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id bc5-20020a170902930500b001869b988da6si9191287plb.402.2022.12.20.03.15.44; Tue, 20 Dec 2022 03:15:53 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@bytedance-com.20210112.gappssmtp.com header.s=20210112 header.b=yhJTjcPy; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=bytedance.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S233497AbiLTKwX (ORCPT + 70 others); Tue, 20 Dec 2022 05:52:23 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:58812 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S233590AbiLTKv4 (ORCPT ); Tue, 20 Dec 2022 05:51:56 -0500 Received: from mail-pl1-x62b.google.com (mail-pl1-x62b.google.com [IPv6:2607:f8b0:4864:20::62b]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id D4609186C1 for ; Tue, 20 Dec 2022 02:51:54 -0800 (PST) Received: by mail-pl1-x62b.google.com with SMTP id m4so11880975pls.4 for ; Tue, 20 Dec 2022 02:51:54 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=bytedance-com.20210112.gappssmtp.com; s=20210112; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:from:to:cc:subject:date:message-id:reply-to; bh=3J2t6zleCgSaKLgdwsyrOWk3vUr6ggb3hDwqkO8Hsk8=; b=yhJTjcPyEVStYIqzGKgu5LXSn6WS+0vwVkXG5oR+b5ML6XrciGesuHKBApFAUcmCJu txkw4JXcbHCIoLUnNMFU2YIdYzn5/KFH1sb8CCCqkUon43LmuU5k2pSPdezzgcJwlweU 4W6Kw1T9xr4KiyydwA0f5BpuH/neWa8SYEi+ko/Ggm5qkaJSRYcilX/d4sSFHgDw/fkx wb5jwMoypxD2HdtVZQYt/2AjuOgKZ9HKoK6H2hUOcRD+kROH+DryZzmyHAGTsjTdw/0Y MMxiZvZoQzyT0tTZk/S6MBKHavCvMM2AAAny+UkoJ7hxBSx6Ju/x/tS9qerbsTGm6fz3 NhKw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=3J2t6zleCgSaKLgdwsyrOWk3vUr6ggb3hDwqkO8Hsk8=; b=KXif6RuqwvumhRwy86KiN2o2IzuVznBA3bJFl/xqHiHT1LmzMsPiAP7PoPtKqsrXuo DitwBMo6wimG+FS2P7eZpiQaIZtsXU95Jy0JRCzdztvZPzwjU8uJGhmDxHsogN1K4a+Y FxwAJ7LvLKZ2I+JvioPAlhwnfkfHZRVX34kPYgM3pdHPIGwQseRz8RBwCVBwVzaVRovw Ad7WJqAZdUcENIcpmvUKH4ACECKiOvoD4xBjEGfqzPonv9g0pri5n5WdMe+DDA3ZTF9R kJFalQrZywszQIDmiuPYyd4iSqFNWCmM4bMQQMiU+OsuB24UoS8KjlWBpn6d6UousmIc ys7g== X-Gm-Message-State: AFqh2kp+8C2WefaBB0SMesbkit4D7HSx/8EyyY1qeFQGRGLfi0cr6mHE O9Cu8d2qG+o9LXiz7fyGIpIc/epCBu72+Q3j3kt19A== X-Received: by 2002:a17:903:25c5:b0:191:4149:2800 with SMTP id jc5-20020a17090325c500b0019141492800mr208plb.3.1671533514185; Tue, 20 Dec 2022 02:51:54 -0800 (PST) MIME-Version: 1.0 References: <20221024094853.2877441-1-yulei.sh@bytedance.com> In-Reply-To: From: Lei Yu Date: Tue, 20 Dec 2022 18:51:42 +0800 Message-ID: Subject: Re: [PATCH] usb: gadget: aspeed: fix buffer overflow To: Greg Kroah-Hartman , Neal Liu Cc: Felipe Balbi , Joel Stanley , Andrew Jeffery , Henry Tian , Jakob Koschel , "linux-usb@vger.kernel.org" , "linux-arm-kernel@lists.infradead.org" , "linux-aspeed@lists.ozlabs.org" , "linux-kernel@vger.kernel.org" , Ryan Chen Content-Type: text/plain; charset="UTF-8" X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,RCVD_IN_DNSWL_NONE,SPF_HELO_NONE,SPF_PASS autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Fri, Oct 28, 2022 at 6:45 PM Greg Kroah-Hartman wrote: > > On Fri, Oct 28, 2022 at 09:55:57AM +0000, Neal Liu wrote: > > > > > > Thanks for your feedback. > > > > > > I tried to reproduce it on my side, and it cannot be reproduce it. > > > > > > Here are my test sequences: > > > > > > 1. emulate one of the vhub port to usb ethernet through Linux > > > > > > gadget > > > > > > (ncm) > > > > > > > > > > We are using rndis instead of ncm. > > > > > > > > > > > 2. connect BMC vhub to Host > > > > > > 3. BMC & Host can ping each other (both usb eth dev default mtu is > > > > > > 1500) 4. Set BMC mtu to 1000 (Host OS cannot set usb eth dev mtu > > > > > > to 2000, it's maxmtu is 1500) > > > > > > > > > > Not sure if it's related, but in my case (USB rndis, Debian 10 OS) > > > > > it should be able to set MTU to 2000. > > > > > > > > Using rndis is able to set MTU to 2000, and the issue can be reproduced. USB ecm is also tested and it is possible to set MTU to 2000, and could reproduce the issue. So I think this patch is needed anyway. @Neal Liu Could you kindly help to verify the USB ECM case? > > > > > > Please NEVER use rndis anymore. I need to go just delete that driver from > > > the tree. > > > > > > It is insecure-by-design and will cause any system that runs it to be instantly > > > compromised and it can not be fixed. Never trust it. > > > > > > Even for data throughput tests, I wouldn't trust it as it does odd things with > > > packet sizes as you show here. > > > > Thanks for the info, Greg. > > If rndis will no longer be supported, how to use usb-ethernet on Windows OS? > > For my understanding, ncm/ecm cannot work on Windows OS. > > rndis should ONLY be there for Windows XP, which is long out-of-support. > Newer versions of windows have more sane usb protocols built into it and > this driver is not needed. > > As proof of this, Android devices removed this from their kernel > configuration a few years ago and no one has complained :) > > thanks, > > greg k-h