From: Simon Horman <simon.horman@corigine.com>
To: Ratheesh Kannoth <rkannoth@marvell.com>
Cc: netdev@vger.kernel.org, linux-kernel@vger.kernel.org,
jhs@mojatatu.com, xiyou.wangcong@gmail.com, jiri@resnulli.us,
davem@davemloft.net, edumazet@google.com, kuba@kernel.org,
pabeni@redhat.com
Subject: Re: [PATCH net-next] flow_dissector: Add IPSEC dissectors
Date: Tue, 25 Jul 2023 21:50:43 +0200 [thread overview]
Message-ID: <ZMAnk5Kl3qp17fko@corigine.com> (raw)
In-Reply-To: <20230725032451.505189-1-rkannoth@marvell.com>
On Tue, Jul 25, 2023 at 08:54:51AM +0530, Ratheesh Kannoth wrote:
...
> diff --git a/include/net/flow_dissector.h b/include/net/flow_dissector.h
> index 8664ed4fbbdf..ffec739f049a 100644
> --- a/include/net/flow_dissector.h
> +++ b/include/net/flow_dissector.h
> @@ -301,6 +301,14 @@ struct flow_dissector_key_l2tpv3 {
> __be32 session_id;
> };
>
> +/**
> + * struct flow_dissector_key_ipsec:
> + * @spi: identifier for a ipsec connection
> + */
> +struct flow_dissector_key_ipsec {
> + __be32 spi;
> +};
> +
> /**
> * struct flow_dissector_key_cfm
> * @mdl_ver: maintenance domain level (mdl) and cfm protocol version
> @@ -353,6 +361,7 @@ enum flow_dissector_key_id {
> FLOW_DISSECTOR_KEY_NUM_OF_VLANS, /* struct flow_dissector_key_num_of_vlans */
> FLOW_DISSECTOR_KEY_PPPOE, /* struct flow_dissector_key_pppoe */
> FLOW_DISSECTOR_KEY_L2TPV3, /* struct flow_dissector_key_l2tpv3 */
> + FLOW_DISSECTOR_KEY_IPSEC, /* struct flow_dissector_key_ipsec */
> FLOW_DISSECTOR_KEY_CFM, /* struct flow_dissector_key_cfm */
>
> FLOW_DISSECTOR_KEY_MAX,
...
Hi Ratheesh,
With this change, this enum now has 33 values, excluding
FLOW_DISSECTOR_KEY_MAX. I.e the range of values is from 0 to 32.
But dissector_uses_key() looks like this:
static inline bool dissector_uses_key(const struct flow_dissector *flow_dissector,
enum flow_dissector_key_id key_id)
{
return flow_dissector->used_keys & (1 << key_id);
}
And the type of the used_keys field of struct flow_dissector
is unsigned int, a 32bit entity.
So an overflow will now occur if key_id is FLOW_DISSECTOR_KEY_CFM.
This is flagged by Sparse.
--
pw-bot: changes-requested
next prev parent reply other threads:[~2023-07-25 19:50 UTC|newest]
Thread overview: 8+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-07-25 3:24 [PATCH net-next] flow_dissector: Add IPSEC dissectors Ratheesh Kannoth
2023-07-25 5:11 ` Leon Romanovsky
2023-07-26 5:52 ` Ratheesh Kannoth
2023-07-25 10:12 ` Ido Schimmel
2023-07-26 5:54 ` Ratheesh Kannoth
2023-07-25 19:50 ` Simon Horman [this message]
2023-07-26 6:34 ` Ratheesh Kannoth
2023-07-26 7:38 ` Simon Horman
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=ZMAnk5Kl3qp17fko@corigine.com \
--to=simon.horman@corigine.com \
--cc=davem@davemloft.net \
--cc=edumazet@google.com \
--cc=jhs@mojatatu.com \
--cc=jiri@resnulli.us \
--cc=kuba@kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=netdev@vger.kernel.org \
--cc=pabeni@redhat.com \
--cc=rkannoth@marvell.com \
--cc=xiyou.wangcong@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).