X-Mailing-List: linux-bluetooth@vger.kernel.org
References: <20240404123602.2369488-1-edumazet@google.com>
From: Luiz Augusto von Dentz
Date: Fri, 5 Apr 2024 13:38:37 -0400
Subject: Re: [PATCH net] Bluetooth: validate setsockopt( BT_PKT_STATUS / BT_DEFER_SETUP) user input
To: Eric Dumazet
Cc: "David S. Miller", Jakub Kicinski, Paolo Abeni, netdev@vger.kernel.org, eric.dumazet@gmail.com, syzbot, Marcel Holtmann, Johan Hedberg, linux-bluetooth@vger.kernel.org

Hi Eric,

On Fri, Apr 5, 2024 at 12:30 PM Eric Dumazet wrote:
>
> On Fri, Apr 5, 2024 at 6:24 PM Luiz Augusto von Dentz
> wrote:
>
> > > ave used this so far (without risking a kernel bug)
> >
> > Fair enough, if we don't really have any risk of breaking the API
> > (would result in using uninitialized memory) then I propose we do
> > something like this:
> >
> > https://gist.github.com/Vudentz/c9092e8a3cb1e7e6a8fd384a51300eee
> >
> > That said perhaps copy_from_sockptr shall really take into account
> > both source and destination lengths so it could incorporate the check
> > e.g. if (dst_size > src_size) but that might result in changing every
> > user of copy_from_sockptr thus I left it to be specific to bluetooth.
>
> Make sure to return -EINVAL if the user provided length is too small,
> not -EFAULT.

Sure, there was also a use of -EOVERFLOW and the fact we are using the
return of copy_from_sockptr so if it fails we just return -EFAULT
anyway, so if we do start returning the error from the like
bt_copy_from_sockptr then we better figure out the errors it returns
are proper.

Btw, do you want me to spin a new version containing these changes or
you would like to incorporate them into your patch and spin a v2?

-- 
Luiz Augusto von Dentz
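
The length check and error mapping discussed in this message, modelled in userspace C as an added example (not code from the linked gist, the patch under review, or the kernel). The names `model_copy_from_user`, `checked_copy` and `set_u32_option` are hypothetical, and a NULL source pointer stands in for an unreadable user address.

```c
#include <errno.h>
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Userspace stand-in for a user-memory copy (assumption): returns 0 on
 * success, -EFAULT when the source is unusable (modelled here as NULL). */
static int model_copy_from_user(void *dst, const void *src, size_t len)
{
    if (src == NULL)
        return -EFAULT;
    memcpy(dst, src, len);
    return 0;
}

/* Hypothetical helper: the caller passes the number of bytes it needs
 * (dst_size) and the number the user supplied (src_size, i.e. optlen). */
static int checked_copy(void *dst, size_t dst_size,
                        const void *src, size_t src_size)
{
    if (dst_size > src_size)
        return -EINVAL;   /* user buffer too short: invalid argument */
    /* Copy only dst_size bytes; extra user bytes are ignored. */
    return model_copy_from_user(dst, src, dst_size);
}

/* Hypothetical handler for a socket option carrying a 32-bit value. */
static int set_u32_option(uint32_t *state, const void *optval, size_t optlen)
{
    uint32_t opt = 0;
    int err = checked_copy(&opt, sizeof(opt), optval, optlen);

    if (err)
        return err;       /* -EINVAL and -EFAULT stay distinguishable */
    *state = opt;         /* state changes only after a full, valid copy */
    return 0;
}

int main(void)
{
    uint32_t state = 0;
    uint8_t one_byte = 1; /* constructed input: optlen shorter than u32 */

    /* Exit status 0 when the short buffer is rejected with -EINVAL. */
    return set_u32_option(&state, &one_byte, sizeof(one_byte)) == -EINVAL ? 0 : 1;
}
```

Without the `dst_size > src_size` check, the handler would read four bytes from a one-byte user buffer, which is the out-of-bounds read the thread is trying to rule out.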