From: Jakub Kicinski <kuba@kernel.org>
To: davem@davemloft.net
Cc: netdev@vger.kernel.org, Jakub Kicinski <kuba@kernel.org>
Subject: [PATCH net-next 7/9] dev_addr: add a modification check
Date: Wed, 17 Nov 2021 20:14:59 -0800 [thread overview]
Message-ID: <20211118041501.3102861-8-kuba@kernel.org> (raw)
In-Reply-To: <20211118041501.3102861-1-kuba@kernel.org>
netdev->dev_addr should only be modified via helpers,
but someone may be casting off the const. Add a runtime
check to catch abuses.
Signed-off-by: Jakub Kicinski <kuba@kernel.org>
---
include/linux/netdevice.h | 3 +++
net/core/dev.c | 1 +
net/core/dev_addr_lists.c | 19 +++++++++++++++++++
3 files changed, 23 insertions(+)
diff --git a/include/linux/netdevice.h b/include/linux/netdevice.h
index 2462195784a9..b2ae8b9e04e4 100644
--- a/include/linux/netdevice.h
+++ b/include/linux/netdevice.h
@@ -2268,6 +2268,8 @@ struct net_device {
/* protected by rtnl_lock */
struct bpf_xdp_entity xdp_state[__MAX_XDP_MODE];
+
+ u8 dev_addr_shadow[MAX_ADDR_LEN];
};
#define to_net_dev(d) container_of(d, struct net_device, dev)
@@ -4288,6 +4290,7 @@ int dev_addr_del(struct net_device *dev, const unsigned char *addr,
unsigned char addr_type);
void dev_addr_flush(struct net_device *dev);
int dev_addr_init(struct net_device *dev);
+void dev_addr_check(struct net_device *dev);
/* Functions used for unicast addresses handling */
int dev_uc_add(struct net_device *dev, const unsigned char *addr);
diff --git a/net/core/dev.c b/net/core/dev.c
index 92c9258cbf28..9219e319e901 100644
--- a/net/core/dev.c
+++ b/net/core/dev.c
@@ -1377,6 +1377,7 @@ static int __dev_open(struct net_device *dev, struct netlink_ext_ack *extack)
int ret;
ASSERT_RTNL();
+ dev_addr_check(dev);
if (!netif_device_present(dev)) {
/* may be detached because parent is runtime-suspended */
diff --git a/net/core/dev_addr_lists.c b/net/core/dev_addr_lists.c
index a23a83ac18e5..969942734951 100644
--- a/net/core/dev_addr_lists.c
+++ b/net/core/dev_addr_lists.c
@@ -498,6 +498,21 @@ EXPORT_SYMBOL(__hw_addr_init);
* Device addresses handling functions
*/
+/* Check that netdev->dev_addr is not written to directly as this would
+ * break the rbtree layout. All changes should go thru dev_addr_set() and co.
+ * Remove this check in mid-2024.
+ */
+void dev_addr_check(struct net_device *dev)
+{
+ if (!memcmp(dev->dev_addr, dev->dev_addr_shadow, MAX_ADDR_LEN))
+ return;
+
+ netdev_warn(dev, "Current addr: %*ph\n", MAX_ADDR_LEN, dev->dev_addr);
+ netdev_warn(dev, "Expected addr: %*ph\n",
+ MAX_ADDR_LEN, dev->dev_addr_shadow);
+ netdev_WARN(dev, "Incorrect netdev->dev_addr\n");
+}
+
/**
* dev_addr_flush - Flush device address list
* @dev: device
@@ -509,6 +524,7 @@ EXPORT_SYMBOL(__hw_addr_init);
void dev_addr_flush(struct net_device *dev)
{
/* rtnl_mutex must be held here */
+ dev_addr_check(dev);
__hw_addr_flush(&dev->dev_addrs);
dev->dev_addr = NULL;
@@ -552,8 +568,11 @@ void dev_addr_mod(struct net_device *dev, unsigned int offset,
{
struct netdev_hw_addr *ha;
+ dev_addr_check(dev);
+
ha = container_of(dev->dev_addr, struct netdev_hw_addr, addr[0]);
memcpy(&ha->addr[offset], addr, len);
+ memcpy(&dev->dev_addr_shadow[offset], addr, len);
}
EXPORT_SYMBOL(dev_addr_mod);
--
2.31.1
next prev parent reply other threads:[~2021-11-18 4:15 UTC|newest]
Thread overview: 20+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-11-18 4:14 [PATCH net-next 0/9] net: constify netdev->dev_addr Jakub Kicinski
2021-11-18 4:14 ` [PATCH net-next 1/9] net: ax88796c: don't write to netdev->dev_addr directly Jakub Kicinski
2021-11-18 12:09 ` Lukasz Stelmach
2021-11-18 4:14 ` [PATCH net-next 2/9] mlxsw: constify address in mlxsw_sp_port_dev_addr_set Jakub Kicinski
2021-11-18 7:27 ` Ido Schimmel
2021-11-18 4:14 ` [PATCH net-next 3/9] wilc1000: copy address before calling wilc_set_mac_address Jakub Kicinski
2021-11-18 5:35 ` Kalle Valo
2021-11-18 4:14 ` [PATCH net-next 4/9] ipw2200: constify address in ipw_send_adapter_address Jakub Kicinski
2021-11-18 5:36 ` Kalle Valo
2021-11-18 4:14 ` [PATCH net-next 5/9] net: constify netdev->dev_addr Jakub Kicinski
2021-11-18 6:15 ` kernel test robot
2021-11-18 6:15 ` kernel test robot
2021-11-18 11:36 ` kernel test robot
2021-11-18 11:36 ` kernel test robot
2021-11-18 14:12 ` kernel test robot
2021-11-18 14:12 ` kernel test robot
2021-11-18 4:14 ` [PATCH net-next 6/9] net: unexport dev_addr_init() & dev_addr_flush() Jakub Kicinski
2021-11-18 4:14 ` Jakub Kicinski [this message]
2021-11-18 4:15 ` [PATCH net-next 8/9] dev_addr_list: put the first addr on the tree Jakub Kicinski
2021-11-18 4:15 ` [PATCH net-next 9/9] net: kunit: add a test for dev_addr_lists Jakub Kicinski
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20211118041501.3102861-8-kuba@kernel.org \
--to=kuba@kernel.org \
--cc=davem@davemloft.net \
--cc=netdev@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.