From: Ido Schimmel <idosch@nvidia.com>
To: Petr Machata <petrm@nvidia.com>
Cc: Miaoqian Lin <linmq006@gmail.com>,
Andrew Lunn <andrew+netdev@lunn.ch>,
"David S. Miller" <davem@davemloft.net>,
Eric Dumazet <edumazet@google.com>,
Jakub Kicinski <kuba@kernel.org>, Paolo Abeni <pabeni@redhat.com>,
Vadim Pasternak <vadimp@nvidia.com>,
netdev@vger.kernel.org, linux-kernel@vger.kernel.org
Subject: Re: [PATCH] mlxsw: core_env: Fix stack info leak in mlxsw_env_linecard_modules_power_mode_apply
Date: Mon, 1 Sep 2025 13:21:48 +0300 [thread overview]
Message-ID: <aLVzvAJCjwpWPMU8@shredder> (raw)
In-Reply-To: <87plcav86o.fsf@nvidia.com>
On Mon, Sep 01, 2025 at 11:10:19AM +0200, Petr Machata wrote:
>
> Ido Schimmel <idosch@nvidia.com> writes:
>
> > On Sat, Aug 30, 2025 at 04:11:22PM +0800, Miaoqian Lin wrote:
> >> The extack was declared on the stack without initialization.
> >> If mlxsw_env_set_module_power_mode_apply() fails to set extack,
> >> accessing extack._msg could leak information.
> >
> > Unless I'm missing something, I don't see a case where
> > mlxsw_env_set_module_power_mode_apply() returns an error without setting
> > extack. IOW, I don't see how this info leak can happen with existing
> > code.
>
> Yeah, I agree it all looks initialized.
>
> The patch still makes sense to me, it will make the code less prone to
> footguns in the future. The expectation with extack is that it's
> optional, though functions that take the argument typically also take
> care to set it (or propagate further). But here it is mandatory to
> initialize it, or else things break. With the patch we'd get a
> "(null)\n" instead of garbage. Not great, but better.
Can be solved with this diff:
diff --git a/drivers/net/ethernet/mellanox/mlxsw/core_env.c b/drivers/net/ethernet/mellanox/mlxsw/core_env.c
index 294e758f1067..8908520f39d9 100644
--- a/drivers/net/ethernet/mellanox/mlxsw/core_env.c
+++ b/drivers/net/ethernet/mellanox/mlxsw/core_env.c
@@ -1332,7 +1332,7 @@ mlxsw_env_linecard_modules_power_mode_apply(struct mlxsw_core *mlxsw_core,
for (i = 0; i < env->line_cards[slot_index]->module_count; i++) {
enum ethtool_module_power_mode_policy policy;
struct mlxsw_env_module_info *module_info;
- struct netlink_ext_ack extack;
+ struct netlink_ext_ack extack = {};
int err;
module_info = &env->line_cards[slot_index]->module_info[i];
@@ -1340,7 +1340,7 @@ mlxsw_env_linecard_modules_power_mode_apply(struct mlxsw_core *mlxsw_core,
err = mlxsw_env_set_module_power_mode_apply(mlxsw_core,
slot_index, i,
policy, &extack);
- if (err)
+ if (err && extack._msg)
dev_err(env->bus_info->dev, "%s\n", extack._msg);
}
}
prev parent reply other threads:[~2025-09-01 10:22 UTC|newest]
Thread overview: 4+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-08-30 8:11 [PATCH] mlxsw: core_env: Fix stack info leak in mlxsw_env_linecard_modules_power_mode_apply Miaoqian Lin
2025-08-31 10:53 ` Ido Schimmel
2025-09-01 9:10 ` Petr Machata
2025-09-01 10:21 ` Ido Schimmel [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=aLVzvAJCjwpWPMU8@shredder \
--to=idosch@nvidia.com \
--cc=andrew+netdev@lunn.ch \
--cc=davem@davemloft.net \
--cc=edumazet@google.com \
--cc=kuba@kernel.org \
--cc=linmq006@gmail.com \
--cc=linux-kernel@vger.kernel.org \
--cc=netdev@vger.kernel.org \
--cc=pabeni@redhat.com \
--cc=petrm@nvidia.com \
--cc=vadimp@nvidia.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.