Re: [PATCH net-next] ethtool: Clarify len/n_stats fields in/out semantics
From: Jakub Kicinski <kuba@kernel.org>
Date: 2026-01-08 02:39:10
On Wed, 7 Jan 2026 10:51:46 +0200 Gal Pressman wrote:
On 07/01/2026 3:48, Jakub Kicinski wrote:quoted
On Mon, 5 Jan 2026 18:39:23 +0200 Gal Pressman wrote:quoted
- * @n_stats: On return, the number of statistics + * @n_stats: On entry, the number of stats requested. + On return, the number of stats returned. * @data: Array of statisticsMissing a '*'Ah, missed it, thanks!quoted
But stepping back we should rephrase the comment to cover both directions instead of mechanically adding the corresponding "On entry"What do you mean? How would you phrase it?
Maybe just "number of stats"? If you want you can (in the body of the doc) go into the detail that setting the value on input is optional. And on output it will either be the number of stats reported or 0 if there's a mismatch?
quoted
FTR my recollection was that we never validated these field on entry and if that's the case 7b07be1ff1cb6 is quite questionable, uAPI-breakage wise.Can you describe the breakage please? The kernel didn't look at this field on entry, but AFAICT, it was passed from userspace since the beginning of time. As a precaution, the cited patch only looks at the input values if they're different than zero, so theoretical apps that didn't fill them shouldn't be affected. Maybe if the app deliberately put a wrong length value on the input buffer?
Not deliberately, but there used to be nothing illegal about malloc()'ing the area and only initializing cmd. n_stats was clearly defined as output only, and zeroing out the buffer was kinda pointless given that kernel was expected to override the stats area immediately with data. Don't think we need to revert the change now, let's see if anyone complains (perhaps ethtool CLI is the main way people interact with the stats?) But there have been LWN articles about this sort of "start using an un-validate field" in the past. It's well understood to be a no-no.