Re: [PATCH for 5.10] vdpa_sim: fix param validation in vdpasim_get_config()

From: Greg KH <gregkh@linuxfoundation.org>
To: Stefano Garzarella <sgarzare@redhat.com>
Cc: "Michael S. Tsirkin" <mst@redhat.com>,
	linux-kernel@vger.kernel.org, stable@vger.kernel.org,
	virtualization@lists.linux-foundation.org,
	Eli Cohen <elic@nvidia.com>
Subject: Re: [PATCH for 5.10] vdpa_sim: fix param validation in vdpasim_get_config()
Date: Mon, 15 Feb 2021 16:23:54 +0100	[thread overview]
Message-ID: <YCqSCg4gugL/bX8f@kroah.com> (raw)
In-Reply-To: <20210215150321.anwcogkifg6sefp6@steredhat>

On Mon, Feb 15, 2021 at 04:03:21PM +0100, Stefano Garzarella wrote:
> On Mon, Feb 15, 2021 at 03:32:19PM +0100, Greg KH wrote:
> > On Thu, Feb 11, 2021 at 05:25:19PM +0100, Stefano Garzarella wrote:
> > > Commit 65b709586e222fa6ffd4166ac7fdb5d5dad113ee upstream.
> > 
> > No, this really is not that commit, so please do not say it is.
> 
> Oops, sorry.
> 
> > 
> > > Before this patch, if 'offset + len' was equal to
> > > sizeof(struct virtio_net_config), the entire buffer wasn't filled,
> > > returning incorrect values to the caller.
> > > 
> > > Since 'vdpasim->config' type is 'struct virtio_net_config', we can
> > > safely copy its content under this condition.
> > > 
> > > Commit 65b709586e22 ("vdpa_sim: add get_config callback in
> > > vdpasim_dev_attr") unintentionally solved it upstream while
> > > refactoring vdpa_sim.c to support multiple devices. But we don't want
> > > to backport it to stable branches as it contains many changes.
> > > 
> > > Fixes: 2c53d0f64c06 ("vdpasim: vDPA device simulator")
> > > Cc: <stable@vger.kernel.org> # 5.10.x
> > > Signed-off-by: Stefano Garzarella <sgarzare@redhat.com>
> > > ---
> > >  drivers/vdpa/vdpa_sim/vdpa_sim.c | 2 +-
> > >  1 file changed, 1 insertion(+), 1 deletion(-)
> > > 
> > > diff --git a/drivers/vdpa/vdpa_sim/vdpa_sim.c b/drivers/vdpa/vdpa_sim/vdpa_sim.c
> > > index 6a90fdb9cbfc..8ca178d7b02f 100644
> > > --- a/drivers/vdpa/vdpa_sim/vdpa_sim.c
> > > +++ b/drivers/vdpa/vdpa_sim/vdpa_sim.c
> > > @@ -572,7 +572,7 @@ static void vdpasim_get_config(struct vdpa_device *vdpa, unsigned int offset,
> > >  {
> > >  	struct vdpasim *vdpasim = vdpa_to_sim(vdpa);
> > > 
> > > -	if (offset + len < sizeof(struct virtio_net_config))
> > > +	if (offset + len <= sizeof(struct virtio_net_config))
> > >  		memcpy(buf, (u8 *)&vdpasim->config + offset, len);
> > >  }
> > 
> > I'll be glad to take a one-off patch, but why can't we take the real
> > upstream patch?  That is always the better long-term solution, right?
> 
> Because that patch depends on the following patches merged in v5.11-rc1
> while refactoring vdpa_sim:
>   f37cbbc65178 vdpa_sim: make 'config' generic and usable for any device type
>   cf1a3b35382c vdpa_sim: store parsed MAC address in a buffer
>   a13b5918fdd0 vdpa_sim: add work_fn in vdpasim_dev_attr
>   011c35bac5ef vdpa_sim: add supported_features field in vdpasim_dev_attr
>   2f8f46188805 vdpa_sim: add device id field in vdpasim_dev_attr
>   6c6e28fe4579 vdpa_sim: add struct vdpasim_dev_attr for device attributes
>   36a9c3063025 vdpa_sim: rename vdpasim_config_ops variables
>   423248d60d2b vdpa_sim: remove hard-coded virtq count
> 
> Maybe we can skip some of them, but IMHO should be less risky to apply only
> this change.
> 
> If you want I can try to figure out the minimum sub-set of patches needed
> for 65b709586e22 ("vdpa_sim: add get_config callback in vdpasim_dev_attr").

The minimum is always nice :)

If it's just too much churn for no good reason, then yes, the one-line
change above will be ok, but you need to document the heck out of why
this is not upstream and that it is a one-off thing.

thanks,

greg k-h
_______________________________________________
Virtualization mailing list
Virtualization@lists.linux-foundation.org
https://lists.linuxfoundation.org/mailman/listinfo/virtualization