Received: by 2002:a05:6358:701b:b0:131:369:b2a3 with SMTP id 27csp3838201rwo; Mon, 24 Jul 2023 18:14:24 -0700 (PDT) X-Google-Smtp-Source: APBJJlHHxxjM8Jqrz2Zkgj3OP/xadgWR/y5YXnx/cWPO8GqmUZNkC6eyWeh+HRn+Te7/sOoEj++t X-Received: by 2002:a17:90a:8687:b0:268:170f:45ed with SMTP id p7-20020a17090a868700b00268170f45edmr3835903pjn.10.1690247663680; Mon, 24 Jul 2023 18:14:23 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1690247663; cv=none; d=google.com; s=arc-20160816; b=wfLT7FyKwyfbZ8eTa62FZZNDEjloWLnV8M4HZbZrA/2rdoysM0DJXP9/GPekw9yvra GAnqkAP/Q276xrOYqXTv9Uz61YgPicW4/wdEGDhYcleIYe3ytyySSi37F+UMAGWtVYHH 1oeUgNxoxdhPPviMeEbnQKGrWta9uEavuOLJzFndmjaHrgLpyoZkAgfbX6bGbDomQVDv cqCULC2ykCuJT3FAIJOVRATAu+TWJp4hu8rhei+7PD8rdk1IkvjZ+QTfruxS4OrcVHru x8ozJPTe+GVIZ9nQSITpt2NdUX6ZD23t5w795OnrfphIvZDFI9TzAiq8r2lqXvoqdhWR EH/A== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :references:in-reply-to:message-id:subject:cc:to:from:date :dkim-signature; bh=dGZAvFDA9FxX8uOqtdrRXapZMQ+grTtiZ72za2U1JW8=; fh=T04tuwBEBFXIvYa/oHf4blJgKcN63F3F0D8ETAwnXcI=; b=t6bmpkCC9dlcrCFo0MeaE+gnyiyzSX+UN2rSIDz+bsgERAC3NmShlALe+1S7wZIZ+X 2twtwjWJCklX6GC8UkD1MhEKH6Nvfe5MVmGo/AtgaN0XV3ekhNX1gawbP198z+QpIfsH T2GCp9T4Sgmq5ZJ6dftFPVyqlNTkqiPe7ntbIvrC5yigoRQoWNijGNZj9TPHoRMNqo9N Cf4ZApx+fzuXdz6TS7AZ9YYwLook1QoIzDHv4oJcDPoI6VBmVjGRsQAgwJsizsxaOFpU vBk10vFj5o09rYWWfjqp3CdpkHc+1jJznNWYqbcjVn3K929PDFNsVM1pBGUm1M/JpC57 RH4g== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@kernel.org header.s=k20201202 header.b=Z+1DX3GP; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id a17-20020a170902ecd100b001a94b91f402si11171852plh.218.2023.07.24.18.14.09; Mon, 24 Jul 2023 18:14:23 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@kernel.org header.s=k20201202 header.b=Z+1DX3GP; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S230088AbjGYA4R (ORCPT + 99 others); Mon, 24 Jul 2023 20:56:17 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:41916 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229545AbjGYA4P (ORCPT ); Mon, 24 Jul 2023 20:56:15 -0400 Received: from dfw.source.kernel.org (dfw.source.kernel.org [IPv6:2604:1380:4641:c500::1]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 0D4B710F6 for ; Mon, 24 Jul 2023 17:56:15 -0700 (PDT) Received: from smtp.kernel.org (relay.kernel.org [52.25.139.140]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits)) (No client certificate requested) by dfw.source.kernel.org (Postfix) with ESMTPS id 8EF786146F for ; Tue, 25 Jul 2023 00:56:14 +0000 (UTC) Received: by smtp.kernel.org (Postfix) with ESMTPSA id 76B26C433C8; Tue, 25 Jul 2023 00:56:13 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1690246573; bh=cFkvzIqEVxtobth8BkWedQlxCsFQkol1UukjBn0/mMg=; h=Date:From:To:Cc:Subject:In-Reply-To:References:From; b=Z+1DX3GP3lPjJxrYCjQYbSmWeex1UZ94DyV6E0lKotL6TyUDAwRrCHqPRqd3GaP7w FuDixiNhnFQICs/uE5W+iOJdj78nURRS8yX7ISlZ0HXwXXQgXbGXWF/XKQ4oKv0p65 YkETrCwaiTp84yG9Qq+tmAoYehUOee20qPwAtGo4hYfoj2/z0sYlEGCW/oWIwKj+Ih PM5fwPv8g/lrnp6rCLT4IykgFME/nOMtYbwGNBN7Jhf179SxNo2Dtpswa2chcxP6mK SJciRa3bfOR/S97FLTGewS9WHhWg5rTIs66Dfx4swS7wX2O9T0w9geOrQVZcLTqi8l VkFVhhqhy39gA== Date: Mon, 24 Jul 2023 17:56:12 -0700 From: Jakub Kicinski To: "Lin Ma" , Joe Perches Cc: jhs@mojatatu.com, xiyou.wangcong@gmail.com, jiri@resnulli.us, davem@davemloft.net, edumazet@google.com, pabeni@redhat.com, netdev@vger.kernel.org, linux-kernel@vger.kernel.org Subject: Re: [PATCH v2] net/sched: mqprio: Add length check for TCA_MQPRIO_{MAX/MIN}_RATE64 Message-ID: <20230724175612.0649ef67@kernel.org> In-Reply-To: <63d69a72.e2656.1898a66ca22.Coremail.linma@zju.edu.cn> References: <20230724014625.4087030-1-linma@zju.edu.cn> <20230724160214.424573ac@kernel.org> <63d69a72.e2656.1898a66ca22.Coremail.linma@zju.edu.cn> MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit X-Spam-Status: No, score=-4.4 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_MED, SPF_HELO_NONE,SPF_PASS,T_SCC_BODY_TEXT_LINE autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Tue, 25 Jul 2023 08:15:39 +0800 (GMT+08:00) Lin Ma wrote: > > > The nla_for_each_nested parsing in function mqprio_parse_nlattr() does > > > not check the length of the nested attribute. This can lead to an > > > out-of-attribute read and allow a malformed nlattr (e.g., length 0) to > > > be viewed as 8 byte integer and passed to priv->max_rate/min_rate. > > > > > > This patch adds the check based on nla_len() when check the nla_type(), > > > which ensures that the length of these two attribute must equals > > > sizeof(u64). > > > > How do you run get_maintainer? You didn't CC the author of the code. > > That's weird, I just ran code below and send this patch to all 9 emails poped out. > > # ./scripts/get_maintainer.pl net/sched/sch_mqprio.c Joe, here's another case. Lin Ma, you need to run the script on the file generated by git format-patch, rather than the file path. That gives better coverage for keywords included in the commit message (especially the Fixes tag). Please rerun it on the patch and repost with the right CC list. -- pw-bot: cr