ethtool: improve compat ioctl handling
The ethtool compat ioctl handling is hidden away in net/socket.c,
which introduces a couple of minor oddities:
- The implementation may end up diverging, as seen in the RXNFC
extension in commit 84a1d9c482 ("net: ethtool: extend RXNFC
API to support RSS spreading of filter matches") that does not work
in compat mode.
- Most architectures do not need the compat handling at all
because u64 and compat_u64 have the same alignment.
- On x86, the conversion is done for both x32 and i386 user space,
but it's actually wrong to do it for x32 and cannot work there.
- On 32-bit Arm, it never worked for compat oabi user space, since
that needs to do the same conversion but does not.
- It would be nice to get rid of both compat_alloc_user_space()
and copy_in_user() throughout the kernel.
None of these actually seems to be a serious problem that real
users are likely to encounter, but fixing all of them actually
leads to code that is both shorter and more readable.
Signed-off-by: Arnd Bergmann <arnd@arndb.de>
Reviewed-by: Christoph Hellwig <hch@lst.de>
Signed-off-by: David S. Miller <davem@davemloft.net>
This commit is contained in:
Arnd Bergmann
committed by
David S. Miller
David S. Miller
parent
1a33b18b3b
commit
dd98d2895d
@ -7,6 +7,7 @@
|
||||
* the information ethtool needs.
|
||||
*/
|
||||
|
||||
#include <linux/compat.h>
|
||||
#include <linux/module.h>
|
||||
#include <linux/types.h>
|
||||
#include <linux/capability.h>
|
||||
@ -807,6 +808,120 @@ out:
|
||||
return ret;
|
||||
}
|
||||
|
||||
static noinline_for_stack int
|
||||
ethtool_rxnfc_copy_from_compat(struct ethtool_rxnfc *rxnfc,
|
||||
const struct compat_ethtool_rxnfc __user *useraddr,
|
||||
size_t size)
|
||||
{
|
||||
struct compat_ethtool_rxnfc crxnfc = {};
|
||||
|
||||
/* We expect there to be holes between fs.m_ext and
|
||||
* fs.ring_cookie and at the end of fs, but nowhere else.
|
||||
* On non-x86, no conversion should be needed.
|
||||
*/
|
||||
BUILD_BUG_ON(!IS_ENABLED(CONFIG_X86_64) &&
|
||||
sizeof(struct compat_ethtool_rxnfc) !=
|
||||
sizeof(struct ethtool_rxnfc));
|
||||
BUILD_BUG_ON(offsetof(struct compat_ethtool_rxnfc, fs.m_ext) +
|
||||
sizeof(useraddr->fs.m_ext) !=
|
||||
offsetof(struct ethtool_rxnfc, fs.m_ext) +
|
||||
sizeof(rxnfc->fs.m_ext));
|
||||
BUILD_BUG_ON(offsetof(struct compat_ethtool_rxnfc, fs.location) -
|
||||
offsetof(struct compat_ethtool_rxnfc, fs.ring_cookie) !=
|
||||
offsetof(struct ethtool_rxnfc, fs.location) -
|
||||
offsetof(struct ethtool_rxnfc, fs.ring_cookie));
|
||||
|
||||
if (copy_from_user(&crxnfc, useraddr, min(size, sizeof(crxnfc))))
|
||||
return -EFAULT;
|
||||
|
||||
*rxnfc = (struct ethtool_rxnfc) {
|
||||
.cmd = crxnfc.cmd,
|
||||
.flow_type = crxnfc.flow_type,
|
||||
.data = crxnfc.data,
|
||||
.fs = {
|
||||
.flow_type = crxnfc.fs.flow_type,
|
||||
.h_u = crxnfc.fs.h_u,
|
||||
.h_ext = crxnfc.fs.h_ext,
|
||||
.m_u = crxnfc.fs.m_u,
|
||||
.m_ext = crxnfc.fs.m_ext,
|
||||
.ring_cookie = crxnfc.fs.ring_cookie,
|
||||
.location = crxnfc.fs.location,
|
||||
},
|
||||
.rule_cnt = crxnfc.rule_cnt,
|
||||
};
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
static int ethtool_rxnfc_copy_from_user(struct ethtool_rxnfc *rxnfc,
|
||||
const void __user *useraddr,
|
||||
size_t size)
|
||||
{
|
||||
if (compat_need_64bit_alignment_fixup())
|
||||
return ethtool_rxnfc_copy_from_compat(rxnfc, useraddr, size);
|
||||
|
||||
if (copy_from_user(rxnfc, useraddr, size))
|
||||
return -EFAULT;
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
static int ethtool_rxnfc_copy_to_compat(void __user *useraddr,
|
||||
const struct ethtool_rxnfc *rxnfc,
|
||||
size_t size, const u32 *rule_buf)
|
||||
{
|
||||
struct compat_ethtool_rxnfc crxnfc;
|
||||
|
||||
memset(&crxnfc, 0, sizeof(crxnfc));
|
||||
crxnfc = (struct compat_ethtool_rxnfc) {
|
||||
.cmd = rxnfc->cmd,
|
||||
.flow_type = rxnfc->flow_type,
|
||||
.data = rxnfc->data,
|
||||
.fs = {
|
||||
.flow_type = rxnfc->fs.flow_type,
|
||||
.h_u = rxnfc->fs.h_u,
|
||||
.h_ext = rxnfc->fs.h_ext,
|
||||
.m_u = rxnfc->fs.m_u,
|
||||
.m_ext = rxnfc->fs.m_ext,
|
||||
.ring_cookie = rxnfc->fs.ring_cookie,
|
||||
.location = rxnfc->fs.location,
|
||||
},
|
||||
.rule_cnt = rxnfc->rule_cnt,
|
||||
};
|
||||
|
||||
if (copy_to_user(useraddr, &crxnfc, min(size, sizeof(crxnfc))))
|
||||
return -EFAULT;
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
static int ethtool_rxnfc_copy_to_user(void __user *useraddr,
|
||||
const struct ethtool_rxnfc *rxnfc,
|
||||
size_t size, const u32 *rule_buf)
|
||||
{
|
||||
int ret;
|
||||
|
||||
if (compat_need_64bit_alignment_fixup()) {
|
||||
ret = ethtool_rxnfc_copy_to_compat(useraddr, rxnfc, size,
|
||||
rule_buf);
|
||||
useraddr += offsetof(struct compat_ethtool_rxnfc, rule_locs);
|
||||
} else {
|
||||
ret = copy_to_user(useraddr, &rxnfc, size);
|
||||
useraddr += offsetof(struct ethtool_rxnfc, rule_locs);
|
||||
}
|
||||
|
||||
if (ret)
|
||||
return -EFAULT;
|
||||
|
||||
if (rule_buf) {
|
||||
if (copy_to_user(useraddr, rule_buf,
|
||||
rxnfc->rule_cnt * sizeof(u32)))
|
||||
return -EFAULT;
|
||||
}
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
static noinline_for_stack int ethtool_set_rxnfc(struct net_device *dev,
|
||||
u32 cmd, void __user *useraddr)
|
||||
{
|
||||
@ -825,7 +940,7 @@ static noinline_for_stack int ethtool_set_rxnfc(struct net_device *dev,
|
||||
info_size = (offsetof(struct ethtool_rxnfc, data) +
|
||||
sizeof(info.data));
|
||||
|
||||
if (copy_from_user(&info, useraddr, info_size))
|
||||
if (ethtool_rxnfc_copy_from_user(&info, useraddr, info_size))
|
||||
return -EFAULT;
|
||||
|
||||
rc = dev->ethtool_ops->set_rxnfc(dev, &info);
|
||||
@ -833,7 +948,7 @@ static noinline_for_stack int ethtool_set_rxnfc(struct net_device *dev,
|
||||
return rc;
|
||||
|
||||
if (cmd == ETHTOOL_SRXCLSRLINS &&
|
||||
copy_to_user(useraddr, &info, info_size))
|
||||
ethtool_rxnfc_copy_to_user(useraddr, &info, info_size, NULL))
|
||||
return -EFAULT;
|
||||
|
||||
return 0;
|
||||
@ -859,7 +974,7 @@ static noinline_for_stack int ethtool_get_rxnfc(struct net_device *dev,
|
||||
info_size = (offsetof(struct ethtool_rxnfc, data) +
|
||||
sizeof(info.data));
|
||||
|
||||
if (copy_from_user(&info, useraddr, info_size))
|
||||
if (ethtool_rxnfc_copy_from_user(&info, useraddr, info_size))
|
||||
return -EFAULT;
|
||||
|
||||
/* If FLOW_RSS was requested then user-space must be using the
|
||||
@ -867,7 +982,7 @@ static noinline_for_stack int ethtool_get_rxnfc(struct net_device *dev,
|
||||
*/
|
||||
if (cmd == ETHTOOL_GRXFH && info.flow_type & FLOW_RSS) {
|
||||
info_size = sizeof(info);
|
||||
if (copy_from_user(&info, useraddr, info_size))
|
||||
if (ethtool_rxnfc_copy_from_user(&info, useraddr, info_size))
|
||||
return -EFAULT;
|
||||
/* Since malicious users may modify the original data,
|
||||
* we need to check whether FLOW_RSS is still requested.
|
||||
@ -893,18 +1008,7 @@ static noinline_for_stack int ethtool_get_rxnfc(struct net_device *dev,
|
||||
if (ret < 0)
|
||||
goto err_out;
|
||||
|
||||
ret = -EFAULT;
|
||||
if (copy_to_user(useraddr, &info, info_size))
|
||||
goto err_out;
|
||||
|
||||
if (rule_buf) {
|
||||
useraddr += offsetof(struct ethtool_rxnfc, rule_locs);
|
||||
if (copy_to_user(useraddr, rule_buf,
|
||||
info.rule_cnt * sizeof(u32)))
|
||||
goto err_out;
|
||||
}
|
||||
ret = 0;
|
||||
|
||||
ret = ethtool_rxnfc_copy_to_user(useraddr, &info, info_size, rule_buf);
|
||||
err_out:
|
||||
kfree(rule_buf);
|
||||
|
||||
|
||||
Reference in New Issue
Block a user