Netdev Archive on lore.kernel.org
help / color / mirror / Atom feed
From: Willem de Bruijn <willemdebruijn.kernel@gmail.com>
To: Xie He <xie.he.0141@gmail.com>
Cc: Eric Dumazet <eric.dumazet@gmail.com>,
"David S. Miller" <davem@davemloft.net>,
Jakub Kicinski <kuba@kernel.org>,
Linux Kernel Network Developers <netdev@vger.kernel.org>,
LKML <linux-kernel@vger.kernel.org>
Subject: Re: Question about dev_validate_header used in af_packet.c
Date: Tue, 8 Sep 2020 10:40:28 +0200 [thread overview]
Message-ID: <CA+FuTSeJS22R2VYSzcEVvXiUhX79RYE0o3G6V3NKGzQ4UGaJQg@mail.gmail.com> (raw)
In-Reply-To: <CAJht_EPEqUMXNdQLL9d5OtzbZ92Jms7nSUR8bS+cw2Ah5mv6cQ@mail.gmail.com>
On Mon, Sep 7, 2020 at 11:17 PM Xie He <xie.he.0141@gmail.com> wrote:
>
> On Mon, Sep 7, 2020 at 2:06 AM Willem de Bruijn
> <willemdebruijn.kernel@gmail.com> wrote:
> >
> > The CAP_SYS_RAWIO exception indeed was requested to be able to
> > purposely test devices against bad inputs. The gmane link
> > unfortunately no longer works, but this was the discussion thread:
> > https://www.mail-archive.com/netdev@vger.kernel.org/msg99920.html
> >
> > It zeroes the packet up max_header_len to ensure that an unintentional
> > short packet will at least not result in reading undefined data. Now
> > that the dust has settled around the min_header_len/max_header_len
> > changes, maybe now is a good time to revisit removing that
> > CAP_SYS_RAWIO loophole.
>
> Thank you for your explanation! I can now understand the logic of
> dev_hard_header. Thanks!
>
> Do you mean we can now consider removing the ability to bypass the
> header_ops->validate check? That is what I am thinking about, too!
>
> I looked at the link you gave me. I see that Alan Cox wanted to keep
> the ability of intentionally feeding corrupt frames to drivers, to
> test whether drivers are able to handle incomplete headers. However, I
> think after we added the header validation in af_packet.c, drivers no
> longer need to ensure they can handle incomplete headers correctly
> (because this is already handled by us).
Which header validation are you referring to?
The intent is to bypass such validation to be able to test device
drivers. Note that removing that may cause someone's test to start
failing.
> So there's no point in
> keeping the ability to test this, either.
I don't disagree in principle, but do note the failing tests. Bar any
strong reasons for change, I'd leave as is.
next prev parent reply other threads:[~2020-09-08 8:41 UTC|newest]
Thread overview: 9+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-09-05 22:24 Question about dev_validate_header used in af_packet.c Xie He
2020-09-05 23:20 ` Xie He
2020-09-07 9:05 ` Willem de Bruijn
2020-09-07 21:16 ` Xie He
2020-09-08 8:40 ` Willem de Bruijn [this message]
2020-09-08 11:00 ` Xie He
2020-09-08 11:52 ` Willem de Bruijn
2020-09-08 12:45 ` Xie He
2020-09-08 17:08 ` Willem de Bruijn
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=CA+FuTSeJS22R2VYSzcEVvXiUhX79RYE0o3G6V3NKGzQ4UGaJQg@mail.gmail.com \
--to=willemdebruijn.kernel@gmail.com \
--cc=davem@davemloft.net \
--cc=eric.dumazet@gmail.com \
--cc=kuba@kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=netdev@vger.kernel.org \
--cc=xie.he.0141@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).