Date: Tue, 23 Jan 2024 07:49:55 -0800
From: Jakub Kicinski
To: Danielle Ratson
Cc: "netdev@vger.kernel.org", "davem@davemloft.net", "edumazet@google.com", "pabeni@redhat.com", "corbet@lwn.net", "linux@armlinux.org.uk", "sdf@google.com", "kory.maincent@bootlin.com", "maxime.chevallier@bootlin.com", "vladimir.oltean@nxp.com", "przemyslaw.kitszel@intel.com", "ahmed.zaki@intel.com", "richardcochran@gmail.com", "shayagr@amazon.com", "paul.greenwalt@intel.com", "jiri@resnulli.us", "linux-doc@vger.kernel.org", "linux-kernel@vger.kernel.org", mlxsw, Petr Machata, Ido Schimmel
Subject: Re: [RFC PATCH net-next 9/9] ethtool: Add ability to flash transceiver modules' firmware
Message-ID: <20240123074955.72c27eb0@kernel.org>
References: <20240122084530.32451-1-danieller@nvidia.com> <20240122084530.32451-10-danieller@nvidia.com> <20240122210534.5054b202@kernel.org>

On Tue, 23 Jan 2024 13:05:16 +0000 Danielle Ratson wrote:
> > GENL_REQ_ATTR_CHECK, and you can check it in the caller, before taking
> > rtnl_lock.
> >
>
> OK, np. The idea was to have module_flash_fw() that checks the attrs
> and extract them into params and ethnl_act_module_fw_flash() should
> be free from those checks. But if so, maybe this separation is
> redundant and should combine the two?

No strong preference, whatever looks better :)
To use GENL_REQ_ATTR_CHECK() I think you'll need to pass genl_info here.
You can either do that or move the validation.

> > > +
> > tb[ETHTOOL_A_MODULE_FW_FLASH_FILE_NAME],
> > > + "File name attribute is missing");
> > > + return -EINVAL;
> > > + }
> > > +
> > > + params.file_name =
> > > + nla_data(tb[ETHTOOL_A_MODULE_FW_FLASH_FILE_NAME]);
> >
> > Hm. I think you copy the param struct by value to the work container.
> > nla_data() is in the skb which is going to get freed after _ACT returns.
> > So if anyone tries to access the name from the work it's going to UAF?
>
> The file_name parameter is not really needed inside the work. Once we
> called request_firmware_direct(), we have all that we need in
> module_fw->fw. Do we still need to avoid that situation? If so, can
> you please suggest how?

I'd pass it to module_flash_fw_schedule() as a separate argument, if it
doesn't have to be saved.
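
Review bot: In the quoted hunk, `params.file_name = nla_data(tb[ETHTOOL_A_MODULE_FW_FLASH_FILE_NAME]);` stores a pointer into the request message rather than a copy, so its lifetime ends with the request; if params is copied by value into the deferred work, as the thread describes, the work is left holding a dangling pointer. Keep file_name out of params and pass it to the scheduling function as its own argument, or duplicate it with nla_strdup() and free it when the work completes if it ever has to outlive the handler. The open-coded missing-attribute check ending in `return -EINVAL;` just above could then move to the caller as GENL_REQ_ATTR_CHECK() before rtnl_lock is taken, as already suggested in the thread.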
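
A userspace model of the lifetime rule discussed in this message, as an added example that is not part of the thread or of the kernel patch: the file name is passed as a separate argument and consumed before the request buffer is released, so the deferred work holds no pointer into it. `req_buf`, `flash_schedule()`, `load_firmware()` and the `flags` field are hypothetical stand-ins for the skb, module_flash_fw_schedule(), request_firmware_direct() and the real params.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
/* Constructed stand-ins: req_buf for the skb, firmware for module_fw->fw. */
struct req_buf { char data[32]; };
struct firmware { char image[48]; };
struct flash_params { unsigned int flags; }; /* hypothetical field */
struct flash_work { struct flash_params params; struct firmware fw; };

/* Hypothetical loader standing in for request_firmware_direct(). */
static int load_firmware(struct firmware *fw, const char *name)
{
	if (!name || !*name)
		return -1;
	snprintf(fw->image, sizeof(fw->image), "image-of:%s", name);
	return 0;
}

/* name is a separate argument, read only while the request is still alive. */
static struct flash_work *flash_schedule(const struct flash_params *p, const char *name)
{
	struct flash_work *w = calloc(1, sizeof(*w));
	if (!w || load_firmware(&w->fw, name)) {
		free(w);
		return NULL;
	}
	w->params = *p; /* by-value copy is safe: nothing points at the request */
	return w;
}

/* Request handler: the buffer is released (poisoned here) when it returns. */
static struct flash_work *handle_request(struct req_buf *req)
{
	struct flash_params p = { .flags = 0 };
	struct flash_work *w = flash_schedule(&p, req->data);
	memset(req->data, 0x6b, sizeof(req->data)); /* models freeing the skb */
	return w;
}

/* Deferred work: runs after the request is gone, touches only what it owns. */
static const char *run_work(const struct flash_work *w) { return w->fw.image; }

int main(void)
{
	struct req_buf r = { "fw.bin" }; /* constructed request */
	struct flash_work *w = handle_request(&r);
	puts(w ? run_work(w) : "rejected");
	free(w);
	return 0;
}
```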