From patchwork Thu Sep 22 12:55:26 2016 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Yotam Gigi X-Patchwork-Id: 673525 X-Patchwork-Delegate: davem@davemloft.net Return-Path: X-Original-To: patchwork-incoming@ozlabs.org Delivered-To: patchwork-incoming@ozlabs.org Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by ozlabs.org (Postfix) with ESMTP id 3sg2185Vn5z9t1Y for ; Fri, 23 Sep 2016 02:26:04 +1000 (AEST) Authentication-Results: ozlabs.org; dkim=pass (1024-bit key; unprotected) header.d=Mellanox.com header.i=@Mellanox.com header.b=LrN+Ht7u; dkim-atps=neutral Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1757580AbcIVQZ6 (ORCPT ); Thu, 22 Sep 2016 12:25:58 -0400 Received: from mail-db5eur01on0057.outbound.protection.outlook.com ([104.47.2.57]:20293 "EHLO EUR01-DB5-obe.outbound.protection.outlook.com" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S1756049AbcIVQZ4 (ORCPT ); Thu, 22 Sep 2016 12:25:56 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=Mellanox.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=JWJ1rl74/StuMm6eU764joQ3yxoYxNP8cksijVjAp4A=; b=LrN+Ht7u/m1suNU95KNJESReXdLtCRtBVCwT9+pc1reT1IPtj/Sdm4wniLF3RyttkreXd6bAWmY020CYhht4CvQToaB3YQdyA3fI/Du2ImNhdJzYYxoByrwr6W5g18NrsYL0up0/QxGG6D4lGRrbSniesYTCUtyOuH9YKED0OxA= Authentication-Results: spf=none (sender IP is ) smtp.mailfrom=yotamg@mellanox.com; Received: from dev-r-vrt-155.mtr.labs.mlnx (193.47.165.251) by AM2PR05MB0753.eurprd05.prod.outlook.com (10.161.21.139) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P384) id 15.1.629.8; Thu, 22 Sep 2016 12:53:24 +0000 From: Yotam Gigi To: , , CC: Yotam Gigi Subject: [PATCH net 2/2] act_ife: Fix false parsing on decode side Date: Thu, 22 Sep 2016 15:55:26 +0300 Message-ID: <1474548926-22815-3-git-send-email-yotamg@mellanox.com> X-Mailer: git-send-email 2.4.3 In-Reply-To: <1474548926-22815-1-git-send-email-yotamg@mellanox.com> References: <1474548926-22815-1-git-send-email-yotamg@mellanox.com> MIME-Version: 1.0 X-Originating-IP: [193.47.165.251] X-ClientProxiedBy: AMSPR02CA0051.eurprd02.prod.outlook.com (10.242.225.179) To AM2PR05MB0753.eurprd05.prod.outlook.com (10.161.21.139) X-MS-Office365-Filtering-Correlation-Id: c8e08296-cac7-42db-829a-08d3e2e770b2 X-Microsoft-Exchange-Diagnostics: 1; AM2PR05MB0753; 2:XroTgesSx8lvjyg2AKGpiIGoOte1zVsCblF2uzaacaGrKIJIseGhDHd/THpsvjND/eniyWA244iC6Sfqx5RHTuEqAzqTHuaq/3IMZkJASApkpja6XnovIQXttvS875cxh9jOpEf2gOkcIu1PIOOEqAUHQ2nzlA185dsBcfOx8GsfMraU9osIeWraBnB2Xp9e; 3:bt8D8Jqs/QLdYiaCcr5RBLbqL58oY08LTKHzcak4y8+IeKKu1Fy+2y1ytgltlOa7ghMQxZK3lIm4GfygL8/rb8FQN/EBSfSmLpjCnfNVkcQZrln33I4JaIy82jQy1Ibs X-Microsoft-Antispam: UriScan:;BCL:0;PCL:0;RULEID:;SRVR:AM2PR05MB0753; X-Microsoft-Exchange-Diagnostics: 1; AM2PR05MB0753; 25:yM09b/NvlbBMX5yjCkJgdo7kL2it1/sQlf/umMfUXFjcWNLWPlFUxF1O/BbyoCQqfcYICCClzu15acxVdsQuob8TLXLcuvUpZZSl4CwpB/IPYtVUWLA5fmSPw7x68Lt1xCGXmpTlc5ObvTDwxeh/OguWZPHGTuCE4+wlNJCOWwuPZ6k6I/+SM04GVxuyDyJggZSF09BfJ2L500jBc0AV1UyECJazoOjNCIxky6VMK+3+3V52ppR8rcnFo0HZeLE110gH0Gj8YPwnRykPM8l+12ePqKWCYESR2Df9nr7yUMUrq6LDe+zE8KCZhhUAQMQbhmKyThfkr94y6dekiZ6Zf/W9v7O67P6NsRkxMMkyEJbJGdy5c+xUBwiA3oxVGocf94ztRJE4fDTOgFxBw6UYDru0X5EhYcbBeEe/Am6Gjtl8ri/00PNaTxLW4bonwUYz5zBfPGlTcue5lbs/RPrC1TnOwaVrteOJn955Q2Nfac28sahtVs7O+Pw3dy2fPgftoKUjrTHz61Pf5XJ29c6pNSJPZ4nMIFsa7U9FXHCJqnvLdTVyKTMbwQnB1JZ2EPBh9DI1t8zCruZtUcOsN7iqiOoUGZfNxilTbxiH4xWkpthfqtJMTGRlvzGx6RmvJikLIfSgSCemb1i1DczveKZCNIk4oUo5/XLUXJUU8SW3FQi3af/jgi2RQWBNPQtNgq3P4sIcjRFiQslsCd4ZOthP3oC9fpJWXIt/b1N0pRt91hejK42OPCkKCd2O8HY7JvXD X-Microsoft-Exchange-Diagnostics: 1; AM2PR05MB0753; 31:/TlK70lIOYO/eBkDG0fTVazV24MBxL8qqMJowa7vfWJJJpPgNQp3Ymws3XYxSy01CAZUZGklcEkzWIq3iNm93BtDZ969afk3654nACtND0qp+A/Or7OaNxFhzuO17r6ZLmubgDMiGwvkm62AbmYV3MJkpiP6K6wvSkf+emMrPkZC2gs6Ck5rMkFX+adXwaIa/Y6UYBIZ/EwMuOcjU4WPnDlMSTg0A7gse7QH3u7QSAE=; 20:g5UM44OAZBre7Mb0RC30Aros2jtQwoIvUsHXwcjdvvvOypT6Drq1yVWJxr/0HBldzgaqPfdTbw7PYf97mJh0EekA01O1KY98RgmFtb/hWOC48/+MsamYJnKQeW5rwfD8leC7nY7lfE+rgWON+uEU/Anr6CLNoswBRRuHosknVV16iOBOmeS/Qet61652vADMLCmZKiIl9BdSNcNOpj95Fp8YcyuvSee4Hi0d4Dnxux1lIw4Malf8lWh0nBo0NNx8yRRKfSMgAQA7zE0ZRnim4TD5ohEyuZJIM1mCDm+oe/OU4zhCH6VWQTjM6KGHxUfj3v5TP112nZRjSwlSzQRdA+iGBoE1oNKpXE4x1jqkspQOz00/m2+jysu8mMmcEfSQsAvCZj6NeswYfrh3BUoMV84gI9trnPkIRNhi6XOq98OHYc9HXZSy3noOO/tfrGwnPQq95WDS8gvO7T1E50fPndRstHoM1xIQqjqfs/iP9/I+HaYbtEfdcBwDo9HxkQXy X-Microsoft-Antispam-PRVS: X-Exchange-Antispam-Report-Test: UriScan:; X-Exchange-Antispam-Report-CFA-Test: BCL:0; PCL:0; RULEID:(6040176)(601004)(2401047)(8121501046)(5005006)(3002001)(10201501046)(6055026); SRVR:AM2PR05MB0753; BCL:0; PCL:0; RULEID:; SRVR:AM2PR05MB0753; X-Microsoft-Exchange-Diagnostics: 1; AM2PR05MB0753; 4:FxsHP+Wjdk1KGIxBR5ougMFdzI2ykq2018fj0rkvNxH4Ng+B4Q4x6f/SBiniHZLFs3xfgqj8m+OPkKuaVTdP29eAbAvFxIRwXCexS3u3RAQXSs+TM4yjtgpfZ9SkLew6lGsc4dc1AfexeNsD3MD2x/2aoT1tAu9t39DUSpyqNk4c0rTw/e4Dntvp81QrWbXS7EJMnKgvdlwr+rC5yJjP9PuVhdSD12rLykq2PJiSi5CvUVXuWrM8+f8/7SiBD/iDGX5ak9aWrXNFKReofFdzuunlIxZZ9gcLRZa+Iq0ZiNBXcqgfrIFHH+2Ahe3mB88sHsP4zWYWx+hNoxyF/0/Pq9MGOEsg8+6+tJnEPFUciYlS94QLtS6O8zK0rgFJ+U5h0hxtjrDa/h9Gzb8FMWcp0g== X-Forefront-PRVS: 0073BFEF03 X-Forefront-Antispam-Report: SFV:NSPM; SFS:(10009020)(4630300001)(6009001)(7916002)(199003)(189002)(3846002)(86362001)(36756003)(92566002)(77096005)(5003940100001)(50466002)(19580395003)(48376002)(19580405001)(4326007)(42186005)(5660300001)(105586002)(68736007)(229853001)(106356001)(2201001)(33646002)(7736002)(305945005)(81166006)(81156014)(189998001)(4001430100002)(7846002)(586003)(6116002)(50986999)(107886002)(8676002)(47776003)(97736004)(101416001)(2906002)(2950100001)(5001770100001)(76176999)(50226002)(66066001); DIR:OUT; SFP:1101; SCL:1; SRVR:AM2PR05MB0753; H:dev-r-vrt-155.mtr.labs.mlnx; FPR:; SPF:None; PTR:InfoNoRecords; A:1; MX:1; LANG:en; Received-SPF: None (protection.outlook.com: mellanox.com does not designate permitted sender hosts) X-Microsoft-Exchange-Diagnostics: =?us-ascii?Q?1; AM2PR05MB0753; 23:Ffm3rdWvrdWgy8Oqv2W4oDnZW1YcPS7czmftfIleJ?= =?us-ascii?Q?gE/FLVgYOpoKOEJt3lkX8acE2OYkSTj+vXdv3tioKPRIduAMnEWl8Ul2Wegq?= =?us-ascii?Q?n6XvH2kNxBbyR2UG/Ezze2WOpiqrAuceQ9iCpyvWXFu+XA/ozsZAFvShkViv?= =?us-ascii?Q?kOpxReJqJSfb25tgJoiRfyjNlozkkz3lV5wTnvFTOU5LjFbJlqacFNlhFfqj?= =?us-ascii?Q?nfwAUi8RYoF85HEE8bWjLtCS8FOhn1EMawH0Ur3eUp9xOrPMVW5l/ZilFrOk?= =?us-ascii?Q?YLgxoPsG5uWfgf94I5nIyzZsf1Q5OSW1RMakeuieHX/yU+LLCZddR2QLxy1X?= =?us-ascii?Q?AQe8kqBWt630yMbGxhFK2AxunK2ulO3shzG6cm9/D5c6hFsXHQx4710lu3qf?= =?us-ascii?Q?hhB6t1OUcT0qi5xaMy264ywt8D0jPt6k1cKDsYpH7jxVAujJ/oO414/mNcfh?= =?us-ascii?Q?7FbwGLfIb1y8XA9dbx4pV9iI1xyb1+zRW27rTYh1FKUvyamfnqoi+CaMtyUu?= =?us-ascii?Q?FbgZPqVHtnJjiOO0MMr+fcsuXIYx1VhTkhicy/gU+Y4Q4EftrvvNtkfL2jVE?= =?us-ascii?Q?SDZ/4EmWY23j447IWlIrIK6eJbdhAf9ZG+wuXKGNBsiZt5SpHIKPkIhWiq8U?= =?us-ascii?Q?Hf1YWIbRHjlsy8Vviv0i6LuvrOedZ4sQDV0tpNrIVth44we/+sbX0m2jwsQ3?= =?us-ascii?Q?/D0zwqOFpEwGYeEZW8EcpAAo2VumY3UTB49GFOWOaJPctuiX++FZI09skzOt?= =?us-ascii?Q?1UbxdclH0QlquAfQdgU3wsiiEjHYNkhlK5PlJ46zjwNF2RpS23eSs6reKyE8?= =?us-ascii?Q?qSbwoBlrKJPPOPlWhAG77M2YvkTJMuR4k9NjJfdsP90oUogq8bjjQeTg3zQx?= =?us-ascii?Q?4XYFC5u8FHibhUXTdWuqIUSeTGhOQ5DR4v3cwoom3IWCOguv3bxG07gA8FMQ?= =?us-ascii?Q?ygOCJchkQ8P5cxxqOKc2s6wJJQBT8sOIJ5kqtgTrMTWJ5nYYbTgdHJYU54Us?= =?us-ascii?Q?irVmkkFZECUE9dSdJjx8STX67N6o3srNTmg4FHZoCaB9y4+UfQiTXo+/FJxB?= =?us-ascii?Q?cnYNy/FJ6EPvx+72H6rpSYKPx3dDiTv78Sm2YnCm55yA4VQxo6ltztdiH1YY?= =?us-ascii?Q?FVoU0HnySBxNXiOzjJ2qpx4654O/2keLyke4iLLEuvpFPke48EnhQ=3D=3D?= X-Microsoft-Exchange-Diagnostics: 1; AM2PR05MB0753; 6:W3Gy7mAUDbrkCNJM1h73sFieNYuruea73U3aH9/T+nzuNBHWNJC68nURRqukVrzInuTOyr7HhgCHej4ep6Fhq3VuASxRntwovYU7ISOmZOlsglVSioJsyDwfCTgsAMAGavbndS9kKgGPVVJ6nhJLrneoSigoxHi64TF2LMriNRicTP5x/SlBEeiXALmmOgTzK0sQSvKXJYx/umSfDQSHzZDnYpqUQOnyo6L0omW66fd5iXbRwTpFPDgJlSmB/CXE24LGKpCQiwi60E0ODPT8GCB1vBqaR/1eK8IAnEiVfv4GHfGZ0AZCA5TTc1Bv/Q7fQ9wuJcpG/8IbplcBHhK5RA==; 5:GH6B5aTE70pSt18XA9sGDoQMxuTVUhwF7e0hK8Enx/aPdqzdlfWSAbn62EjBDlt5gQlJBMLyFehMcFLzq2oEUtW3Chzpm/RSdXyrZ2jzfGiDYRmJTVMiwdDNzZysWSVhZsG51iipOF2jhailZVdm8g==; 24:RGyKmQPmoeiBHzvHgr/YEthu33P+XCiufaoqIW2OdZgGS/O12AmLtkzPh9IGntDNAttHBsf0NMfvgfhXOZ3rh7haJyVjQgzSO3BBzz8tCkg=; 7:vdG7J7kum7V3V5FBuHAMXGYELB2RKS9RW9wB6zpwGyVtmyzoYCKPH7iCN0fq2K1523LnMM4e/z30RtdlFeTdWuWem9nHt3n9EYe5TMuYQvaS6/2u1MkjsXYCnfoJRHePmhdXrStD9uNgy6GuPmUvipND9b17Yy/fQDu/CRsXIRH2aQw4WOR98/uYVfRcZx7ayq+oS5CyyNq0Qfk32BOFunOSVncbeQkUin9JIbIzWzN6eYf5Dwh/8q7xwYm3YHivLqTXP7q1cszW+GmF31Jl+DG7eTdbG1TdQCIYCGJ6y7iSDuI+bhj4XR+l3+rCiwLa SpamDiagnosticOutput: 1:99 SpamDiagnosticMetadata: NSPM X-OriginatorOrg: Mellanox.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 22 Sep 2016 12:53:24.1348 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-Transport-CrossTenantHeadersStamped: AM2PR05MB0753 Sender: netdev-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: netdev@vger.kernel.org On ife decode side, the action iterates over the tlvs in the ife header and parses them one by one, where in each iteration the current pointer is advanced according to the tlv size. Before, the pointer was advanced in a wrong way, as the tlv type and size bytes were not taken into account. This led to false parsing of ife header. In addition, due to the fact that the loop counter was unsigned, it could lead to infinite parsing loop. This fix changes the loop counter to be signed and fixes the parsing to take into account the tlv type and size. Fixes: ef6980b6becb ("net sched: introduce IFE action") Signed-off-by: Yotam Gigi --- net/sched/act_ife.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/net/sched/act_ife.c b/net/sched/act_ife.c index 7f71a3d..4786b28 100644 --- a/net/sched/act_ife.c +++ b/net/sched/act_ife.c @@ -627,7 +627,7 @@ static int tcf_ife_decode(struct sk_buff *skb, const struct tc_action *a, struct tcf_ife_info *ife = to_ife(a); int action = ife->tcf_action; struct ifeheadr *ifehdr = (struct ifeheadr *)skb->data; - u16 ifehdrln = ifehdr->metalen; + int ifehdrln = (int)ifehdr->metalen; struct meta_tlvhdr *tlv = (struct meta_tlvhdr *)(ifehdr->tlv_data); spin_lock(&ife->tcf_lock); @@ -668,8 +668,8 @@ static int tcf_ife_decode(struct sk_buff *skb, const struct tc_action *a, ife->tcf_qstats.overlimits++; } - tlvdata += alen; - ifehdrln -= alen; + tlvdata += alen + sizeof(struct meta_tlvhdr); + ifehdrln -= alen + sizeof(struct meta_tlvhdr); tlv = (struct meta_tlvhdr *)tlvdata; }