FAILED: patch "[PATCH] openvswitch: Fix unsafe attribute parsing in" failed to apply to 5.4-stable tree
The patch below does not apply to the 5.4-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to stable@vger.kernel.org.
To reproduce the conflict and resubmit, you may use the following commands:
git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-5.4.y git checkout FETCH_HEAD git cherry-pick -x 6beb6835c1fbb3f676aebb51a5fee6b77fed9308 # <resolve conflicts, build, test, etc.> git commit -s git send-email --to 'stable@vger.kernel.org' --in-reply-to '2025050913-rubble-confirm-99ee@gregkh' --subject-prefix 'PATCH 5.4.y' HEAD^..
Possible dependencies:
thanks,
greg k-h
------------------ original commit in Linus's tree ------------------
From 6beb6835c1fbb3f676aebb51a5fee6b77fed9308 Mon Sep 17 00:00:00 2001 From: Eelco Chaudron echaudro@redhat.com Date: Tue, 6 May 2025 16:28:54 +0200 Subject: [PATCH] openvswitch: Fix unsafe attribute parsing in output_userspace()
This patch replaces the manual Netlink attribute iteration in output_userspace() with nla_for_each_nested(), which ensures that only well-formed attributes are processed.
Fixes: ccb1352e76cf ("net: Add Open vSwitch kernel components.") Signed-off-by: Eelco Chaudron echaudro@redhat.com Acked-by: Ilya Maximets i.maximets@ovn.org Acked-by: Aaron Conole aconole@redhat.com Link: https://patch.msgid.link/0bd65949df61591d9171c0dc13e42cea8941da10.1746541734... Signed-off-by: Jakub Kicinski kuba@kernel.org
diff --git a/net/openvswitch/actions.c b/net/openvswitch/actions.c index 61fea7baae5d..2f22ca59586f 100644 --- a/net/openvswitch/actions.c +++ b/net/openvswitch/actions.c @@ -975,8 +975,7 @@ static int output_userspace(struct datapath *dp, struct sk_buff *skb, upcall.cmd = OVS_PACKET_CMD_ACTION; upcall.mru = OVS_CB(skb)->mru;
- for (a = nla_data(attr), rem = nla_len(attr); rem > 0; - a = nla_next(a, &rem)) { + nla_for_each_nested(a, attr, rem) { switch (nla_type(a)) { case OVS_USERSPACE_ATTR_USERDATA: upcall.userdata = a;
This patch replaces the manual Netlink attribute iteration in output_userspace() with nla_for_each_nested(), which ensures that only well-formed attributes are processed.
Fixes: ccb1352e76cf ("net: Add Open vSwitch kernel components.") Signed-off-by: Eelco Chaudron echaudro@redhat.com Acked-by: Ilya Maximets i.maximets@ovn.org Acked-by: Aaron Conole aconole@redhat.com Link: https://patch.msgid.link/0bd65949df61591d9171c0dc13e42cea8941da10.1746541734... Signed-off-by: Jakub Kicinski kuba@kernel.org (cherry picked from commit 6beb6835c1fbb3f676aebb51a5fee6b77fed9308)
--- The patch did not apply cleanly due to a previously applied style fix that corrected indentation in the original for loop. This patch has been adjusted accordingly to account for that change. --- net/openvswitch/actions.c | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-)
diff --git a/net/openvswitch/actions.c b/net/openvswitch/actions.c index 815a55fa7356..5af7fe6312cf 100644 --- a/net/openvswitch/actions.c +++ b/net/openvswitch/actions.c @@ -967,8 +967,7 @@ static int output_userspace(struct datapath *dp, struct sk_buff *skb, upcall.cmd = OVS_PACKET_CMD_ACTION; upcall.mru = OVS_CB(skb)->mru;
- for (a = nla_data(attr), rem = nla_len(attr); rem > 0; - a = nla_next(a, &rem)) { + nla_for_each_nested(a, attr, rem) { switch (nla_type(a)) { case OVS_USERSPACE_ATTR_USERDATA: upcall.userdata = a;
[ Sasha's backport helper bot ]
Hi,
Summary of potential issues: ⚠️ Found matching upstream commit but patch is missing proper reference to it
Found matching upstream commit: 6beb6835c1fbb3f676aebb51a5fee6b77fed9308
Status in newer kernel trees: 6.14.y | Present (different SHA1: 4d184c1b89b8) 6.12.y | Present (different SHA1: 4ae0a4524c47) 6.6.y | Present (different SHA1: 46e070d3714b) 6.1.y | Present (different SHA1: 68544f9fe709) 5.15.y | Present (different SHA1: 99deb2bf2bd1) 5.10.y | Present (different SHA1: c081a8228222)
Note: The patch differs from the upstream commit: --- 1: 6beb6835c1fbb ! 1: 88825867905fa openvswitch: Fix unsafe attribute parsing in output_userspace() @@ Commit message Acked-by: Aaron Conole aconole@redhat.com Link: https://patch.msgid.link/0bd65949df61591d9171c0dc13e42cea8941da10.1746541734... Signed-off-by: Jakub Kicinski kuba@kernel.org + (cherry picked from commit 6beb6835c1fbb3f676aebb51a5fee6b77fed9308)
## net/openvswitch/actions.c ## @@ net/openvswitch/actions.c: static int output_userspace(struct datapath *dp, struct sk_buff *skb, @@ net/openvswitch/actions.c: static int output_userspace(struct datapath *dp, stru upcall.mru = OVS_CB(skb)->mru;
- for (a = nla_data(attr), rem = nla_len(attr); rem > 0; -- a = nla_next(a, &rem)) { +- a = nla_next(a, &rem)) { + nla_for_each_nested(a, attr, rem) { switch (nla_type(a)) { case OVS_USERSPACE_ATTR_USERDATA: ---
Results of testing on various branches:
| Branch | Patch Apply | Build Test | |---------------------------|-------------|------------| | stable/linux-5.4.y | Success | Success |
On 12 May 2025, at 23:52, Sasha Levin wrote:
[ Sasha's backport helper bot ]
Hi,
Summary of potential issues: ⚠️ Found matching upstream commit but patch is missing proper reference to it
Found matching upstream commit: 6beb6835c1fbb3f676aebb51a5fee6b77fed9308
Status in newer kernel trees: 6.14.y | Present (different SHA1: 4d184c1b89b8) 6.12.y | Present (different SHA1: 4ae0a4524c47) 6.6.y | Present (different SHA1: 46e070d3714b) 6.1.y | Present (different SHA1: 68544f9fe709) 5.15.y | Present (different SHA1: 99deb2bf2bd1) 5.10.y | Present (different SHA1: c081a8228222)
Note: The patch differs from the upstream commit:
1: 6beb6835c1fbb ! 1: 88825867905fa openvswitch: Fix unsafe attribute parsing in output_userspace() @@ Commit message Acked-by: Aaron Conole aconole@redhat.com Link: https://patch.msgid.link/0bd65949df61591d9171c0dc13e42cea8941da10.1746541734... Signed-off-by: Jakub Kicinski kuba@kernel.org + (cherry picked from commit 6beb6835c1fbb3f676aebb51a5fee6b77fed9308)
Hi Sasha,
This is my first backport, so can you let me know what the exact tag should be, as I just added the ‘cherry picked’ comment? And do you want a v2?’
## net/openvswitch/actions.c ## @@ net/openvswitch/actions.c: static int output_userspace(struct datapath *dp, struct sk_buff *skb, @@ net/openvswitch/actions.c: static int output_userspace(struct datapath *dp, stru upcall.mru = OVS_CB(skb)->mru; - for (a = nla_data(attr), rem = nla_len(attr); rem > 0; -- a = nla_next(a, &rem)) { +- a = nla_next(a, &rem)) { + nla_for_each_nested(a, attr, rem) { switch (nla_type(a)) { case OVS_USERSPACE_ATTR_USERDATA:
Results of testing on various branches:
| Branch | Patch Apply | Build Test | |---------------------------|-------------|------------| | stable/linux-5.4.y | Success | Success |
On 9 May 2025, at 10:56, gregkh@linuxfoundation.org wrote:
The patch below does not apply to the 5.4-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to stable@vger.kernel.org.
Hi Greg,
I've just sent out a patch using the description below. This is my first time doing this, so please let me know if I messed anything up. :)
Cheers,
Eelco
To reproduce the conflict and resubmit, you may use the following commands:
git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-5.4.y git checkout FETCH_HEAD git cherry-pick -x 6beb6835c1fbb3f676aebb51a5fee6b77fed9308 # <resolve conflicts, build, test, etc.> git commit -s git send-email --to 'stable@vger.kernel.org' --in-reply-to '2025050913-rubble-confirm-99ee@gregkh' --subject-prefix 'PATCH 5.4.y' HEAD^..
Possible dependencies:
thanks,
greg k-h
------------------ original commit in Linus's tree ------------------
From 6beb6835c1fbb3f676aebb51a5fee6b77fed9308 Mon Sep 17 00:00:00 2001 From: Eelco Chaudron echaudro@redhat.com Date: Tue, 6 May 2025 16:28:54 +0200 Subject: [PATCH] openvswitch: Fix unsafe attribute parsing in output_userspace()
This patch replaces the manual Netlink attribute iteration in output_userspace() with nla_for_each_nested(), which ensures that only well-formed attributes are processed.
Fixes: ccb1352e76cf ("net: Add Open vSwitch kernel components.") Signed-off-by: Eelco Chaudron echaudro@redhat.com Acked-by: Ilya Maximets i.maximets@ovn.org Acked-by: Aaron Conole aconole@redhat.com Link: https://patch.msgid.link/0bd65949df61591d9171c0dc13e42cea8941da10.1746541734... Signed-off-by: Jakub Kicinski kuba@kernel.org
diff --git a/net/openvswitch/actions.c b/net/openvswitch/actions.c index 61fea7baae5d..2f22ca59586f 100644 --- a/net/openvswitch/actions.c +++ b/net/openvswitch/actions.c @@ -975,8 +975,7 @@ static int output_userspace(struct datapath *dp, struct sk_buff *skb, upcall.cmd = OVS_PACKET_CMD_ACTION; upcall.mru = OVS_CB(skb)->mru;
- for (a = nla_data(attr), rem = nla_len(attr); rem > 0;
a = nla_next(a, &rem)) {
- nla_for_each_nested(a, attr, rem) { switch (nla_type(a)) { case OVS_USERSPACE_ATTR_USERDATA: upcall.userdata = a;
linux-stable-mirror@lists.linaro.org
-
Eelco Chaudron -
gregkh@linuxfoundation.org -
Sasha Levin