Thread (5 messages) 5 messages, 2 authors, 2026-01-08

Re: [PATCH net-next] ethtool: Clarify len/n_stats fields in/out semantics

From: Jakub Kicinski <kuba@kernel.org>
Date: 2026-01-08 02:39:10

On Wed, 7 Jan 2026 10:51:46 +0200 Gal Pressman wrote:
On 07/01/2026 3:48, Jakub Kicinski wrote:
quoted
On Mon, 5 Jan 2026 18:39:23 +0200 Gal Pressman wrote:  
quoted
- * @n_stats: On return, the number of statistics
+ * @n_stats: On entry, the number of stats requested.
+	On return, the number of stats returned.
  * @data: Array of statistics  
Missing a '*'  
Ah, missed it, thanks!
quoted
But stepping back we should rephrase the comment to cover both
directions instead of mechanically adding the corresponding "On entry"  
What do you mean?
How would you phrase it?
Maybe just "number of stats"? 

If you want you can (in the body of the doc) go into the detail that
setting the value on input is optional. And on output it will either 
be the number of stats reported or 0 if there's a mismatch?
quoted
FTR my recollection was that we never validated these field on entry and
if that's the case 7b07be1ff1cb6 is quite questionable, uAPI-breakage
wise.  
Can you describe the breakage please?

The kernel didn't look at this field on entry, but AFAICT, it was passed
from userspace since the beginning of time.

As a precaution, the cited patch only looks at the input values if
they're different than zero, so theoretical apps that didn't fill them
shouldn't be affected.

Maybe if the app deliberately put a wrong length value on the input buffer?
Not deliberately, but there used to be nothing illegal about
malloc()'ing the area and only initializing cmd. n_stats was
clearly defined as output only, and zeroing out the buffer
was kinda pointless given that kernel was expected to override
the stats area immediately with data.

Don't think we need to revert the change now, let's see if anyone
complains (perhaps ethtool CLI is the main way people interact with
the stats?) But there have been LWN articles about this sort of "start
using an un-validate field" in the past. It's well understood to be
a no-no.
Keyboard shortcuts
hback out one level
jnext message in thread
kprevious message in thread
ldrill in
Escclose help / fold thread tree
?toggle this help