From: Kevin Traynor <ktraynor@redhat.com> To: Stephen Hemminger <stephen@networkplumber.org> Cc: Nan Chen <whutchennan@gmail.com>, Long Li <longli@microsoft.com>, dpdk stable <stable@dpdk.org> Subject: [dpdk-stable] patch 'net/netvsc: check for overflow on packet info from host' has been queued to LTS release 18.11.11 Date: Wed, 18 Nov 2020 16:34:47 +0000 Message-ID: <20201118163558.1101823-1-ktraynor@redhat.com> (raw) Hi, FYI, your patch has been queued to LTS release 18.11.11 Note it hasn't been pushed to http://dpdk.org/browse/dpdk-stable yet. It will be pushed if I get no objections before 11/24/20. So please shout if anyone has objections. Also note that after the patch there's a diff of the upstream commit vs the patch applied to the branch. This will indicate if there was any rebasing needed to apply to the stable branch. If there were code changes for rebasing (ie: not only metadata diffs), please double check that the rebase was correctly done. Queued patches are on a temporary branch at: https://github.com/kevintraynor/dpdk-stable-queue This queued commit can be viewed at: https://github.com/kevintraynor/dpdk-stable-queue/commit/1f6666d4fc36792e4cf1892a9fa6bcb95d720dd9 Thanks. Kevin. --- From 1f6666d4fc36792e4cf1892a9fa6bcb95d720dd9 Mon Sep 17 00:00:00 2001 From: Stephen Hemminger <stephen@networkplumber.org> Date: Mon, 10 Aug 2020 19:33:14 -0700 Subject: [PATCH] net/netvsc: check for overflow on packet info from host The data from the host is trusted but checked by the driver. One check that is missing is that the packet offset and length might cause wraparound. Cc: stable@dpdk.org Reported-by: Nan Chen <whutchennan@gmail.com> Signed-off-by: Stephen Hemminger <stephen@networkplumber.org> Signed-off-by: Long Li <longli@microsoft.com> (cherry picked from commit 7838d3a6ae7a4ae8b3e994efe0d7d9f814941841) --- drivers/net/netvsc/hn_rxtx.c | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/drivers/net/netvsc/hn_rxtx.c b/drivers/net/netvsc/hn_rxtx.c index cc8bb7ed95..fba08b166b 100644 --- a/drivers/net/netvsc/hn_rxtx.c +++ b/drivers/net/netvsc/hn_rxtx.c @@ -621,5 +621,6 @@ static void hn_rndis_rx_data(struct hn_rx_queue *rxq, void *data, uint32_t dlen) { - unsigned int data_off, data_len, pktinfo_off, pktinfo_len; + unsigned int data_off, data_len, total_len; + unsigned int pktinfo_off, pktinfo_len; const struct rndis_packet_msg *pkt = data; struct hn_rxinfo info = { @@ -666,5 +667,6 @@ static void hn_rndis_rx_data(struct hn_rx_queue *rxq, } - if (unlikely(data_off + data_len > pkt->len)) + if (__builtin_add_overflow(data_off, data_len, &total_len) || + total_len > pkt->len) goto error; -- 2.26.2
next reply other threads:[~2020-11-18 16:36 UTC|newest] Thread overview: 72+ messages / expand[flat|nested] mbox.gz Atom feed top 2020-11-18 16:34 Kevin Traynor [this message] 2020-11-18 16:34 ` [dpdk-stable] patch 'net/netvsc: replace compiler builtin overflow check' " Kevin Traynor 2020-11-18 16:34 ` [dpdk-stable] patch 'eventdev: check allocation in Tx adapter' " Kevin Traynor 2020-11-18 16:34 ` [dpdk-stable] patch 'event/dpaa2: fix dereference before null check' " Kevin Traynor 2020-11-18 16:34 ` [dpdk-stable] patch 'eventdev: fix adapter leak in error path' " Kevin Traynor 2020-11-18 16:34 ` [dpdk-stable] patch 'test/event: fix function arguments for crypto adapter' " Kevin Traynor 2020-11-18 16:34 ` [dpdk-stable] patch 'eal/x86: fix memcpy AVX-512 enablement' " Kevin Traynor 2020-11-18 16:34 ` [dpdk-stable] patch 'vhost: fix virtio-net header length with packed ring' " Kevin Traynor 2020-11-18 16:34 ` [dpdk-stable] patch 'net/netvsc: fix Tx queue leak in error path' " Kevin Traynor 2020-11-18 16:34 ` [dpdk-stable] patch 'net/bonding: fix possible unbalanced packet receiving' " Kevin Traynor 2020-11-18 16:34 ` [dpdk-stable] patch 'net/bonding: fix Rx queue conversion' " Kevin Traynor 2020-11-18 16:34 ` [dpdk-stable] patch 'net/failsafe: fix state synchro cleanup' " Kevin Traynor 2020-11-18 16:34 ` [dpdk-stable] patch 'net/ring: check internal arguments' " Kevin Traynor 2020-11-18 16:35 ` [dpdk-stable] patch 'doc: fix EF10 Rx mode name in sfc guide' " Kevin Traynor 2020-11-18 16:35 ` [dpdk-stable] patch 'doc: fix typo in pcap " Kevin Traynor 2020-11-18 16:35 ` [dpdk-stable] patch 'net/bnx2x: add QLogic vendor id for BCM57840' " Kevin Traynor 2020-11-18 16:35 ` [dpdk-stable] patch 'ethdev: fix memory ordering for callback functions' " Kevin Traynor 2020-11-18 16:35 ` [dpdk-stable] patch 'distributor: fix handshake synchronization' " Kevin Traynor 2020-11-18 16:35 ` [dpdk-stable] patch 'distributor: fix handshake deadlock' " Kevin Traynor 2020-11-18 16:35 ` [dpdk-stable] patch 'distributor: fix buffer use after free' " Kevin Traynor 2020-11-18 16:35 ` [dpdk-stable] patch 'distributor: handle worker shutdown in burst mode' " Kevin Traynor 2020-11-18 16:35 ` [dpdk-stable] patch 'test/distributor: fix shutdown of busy worker' " Kevin Traynor 2020-11-18 16:35 ` [dpdk-stable] patch 'distributor: fix return pkt calls in single mode' " Kevin Traynor 2020-11-18 16:35 ` [dpdk-stable] patch 'test/distributor: fix freeing mbufs' " Kevin Traynor 2020-11-18 16:35 ` [dpdk-stable] patch 'test/distributor: fix lcores statistics' " Kevin Traynor 2020-11-18 16:35 ` [dpdk-stable] patch 'test/distributor: collect return mbufs' " Kevin Traynor 2020-11-18 16:35 ` [dpdk-stable] patch 'distributor: fix API documentation' " Kevin Traynor 2020-11-18 16:35 ` [dpdk-stable] patch 'test/distributor: fix race conditions on shutdown' " Kevin Traynor 2020-11-18 16:35 ` [dpdk-stable] patch 'distributor: fix scalar matching' " Kevin Traynor 2020-11-18 16:35 ` [dpdk-stable] patch 'distributor: fix flushing in flight packets' " Kevin Traynor 2020-11-18 16:35 ` [dpdk-stable] patch 'distributor: fix clearing returns buffer' " Kevin Traynor 2020-11-18 16:35 ` [dpdk-stable] patch 'test/distributor: fix quitting workers in burst mode' " Kevin Traynor 2020-11-18 16:35 ` [dpdk-stable] patch 'test/distributor: fix mbuf leak on failure' " Kevin Traynor 2020-11-18 16:35 ` [dpdk-stable] patch 'doc: add SPDX license tag header to meson guide' " Kevin Traynor 2020-11-18 16:35 ` [dpdk-stable] patch 'app: fix missing dependencies' " Kevin Traynor 2020-11-18 16:35 ` [dpdk-stable] patch 'examples/l2fwd-crypto: fix missing dependency' " Kevin Traynor 2020-11-18 16:35 ` [dpdk-stable] patch 'bus/pci: remove unused scan by address' " Kevin Traynor 2020-11-18 16:35 ` [dpdk-stable] patch 'eal/linux: fix memory leak in uevent handling' " Kevin Traynor 2020-11-18 16:35 ` [dpdk-stable] patch 'efd: fix tailq entry leak in error path' " Kevin Traynor 2020-11-18 16:35 ` [dpdk-stable] patch 'eal: fix leak on device event callback unregister' " Kevin Traynor 2020-11-18 16:35 ` [dpdk-stable] patch 'mem: fix config name in error logs' " Kevin Traynor 2020-11-18 16:35 ` [dpdk-stable] patch 'examples/vm_power: fix build on Ubuntu 20.04' " Kevin Traynor 2020-11-18 16:35 ` [dpdk-stable] patch 'examples/multi_process: " Kevin Traynor 2020-11-18 16:35 ` [dpdk-stable] patch 'examples/performance-thread: fix build with low core count' " Kevin Traynor 2020-11-18 16:35 ` [dpdk-stable] patch 'baseband/turbo_sw: fix memory leak in error path' " Kevin Traynor 2020-11-18 16:35 ` [dpdk-stable] patch 'examples/fips_validation: fix missed version line' " Kevin Traynor 2020-11-18 16:35 ` [dpdk-stable] patch 'crypto/dpaa2_sec: remove dead code' " Kevin Traynor 2020-11-18 16:35 ` [dpdk-stable] patch 'common/qat: add missing kmod dependency info' " Kevin Traynor 2020-11-18 16:35 ` [dpdk-stable] patch 'app/testpmd: fix bonding xmit balance policy command' " Kevin Traynor 2020-11-18 16:35 ` [dpdk-stable] patch 'net/i40e: fix virtual channel conflict' " Kevin Traynor 2020-11-18 16:35 ` [dpdk-stable] patch 'net/ixgbe: check switch domain allocation result' " Kevin Traynor 2020-11-18 16:35 ` [dpdk-stable] patch 'net/i40e: fix QinQ flow pattern to allow non full mask' " Kevin Traynor 2020-11-18 16:35 ` [dpdk-stable] patch 'net/ixgbe: fix vector Rx' " Kevin Traynor 2020-11-18 16:35 ` [dpdk-stable] patch 'net/i40e: " Kevin Traynor 2020-11-18 16:35 ` [dpdk-stable] patch 'net/fm10k: " Kevin Traynor 2020-11-18 16:35 ` [dpdk-stable] patch 'net/vhost: fix xstats after clearing stats' " Kevin Traynor 2020-11-18 16:35 ` [dpdk-stable] patch 'vhost: fix virtqueues metadata allocation' " Kevin Traynor 2020-11-18 16:35 ` [dpdk-stable] patch 'vhost: validate index in available entries API' " Kevin Traynor 2020-11-18 16:35 ` [dpdk-stable] patch 'vhost: validate index in guest notification " Kevin Traynor 2020-11-18 16:35 ` [dpdk-stable] patch 'net/ena: remove unused macro' " Kevin Traynor 2020-11-18 16:35 ` [dpdk-stable] patch 'net/mvpp2: fix memory leak in error path' " Kevin Traynor 2020-11-18 16:35 ` [dpdk-stable] patch 'net/netvsc: allocate contiguous physical memory for RNDIS' " Kevin Traynor 2020-11-18 16:35 ` [dpdk-stable] patch 'app/testpmd: fix RSS key for flow API RSS rule' " Kevin Traynor 2020-11-18 16:35 ` [dpdk-stable] patch 'net/i40e: fix flow director for eth + VLAN pattern' " Kevin Traynor 2020-11-18 16:35 ` [dpdk-stable] patch 'net/bnxt: fix resetting mbuf data offset' " Kevin Traynor 2020-11-18 16:35 ` [dpdk-stable] patch 'net/vdev_netvsc: fix device probing error flow' " Kevin Traynor 2020-11-18 16:35 ` [dpdk-stable] patch 'net/thunderx: fix memory leak on rbdr desc ring failure' " Kevin Traynor 2020-11-18 16:35 ` [dpdk-stable] patch 'app/testpmd: do not allow dynamic change of core number' " Kevin Traynor 2020-11-18 16:35 ` [dpdk-stable] patch 'ethdev: fix data type for port id' " Kevin Traynor 2020-11-18 16:35 ` [dpdk-stable] patch 'fix spellings that Lintian complains about' " Kevin Traynor 2020-11-18 16:35 ` [dpdk-stable] patch 'doc: fix typo in KNI guide' " Kevin Traynor 2020-11-18 16:35 ` [dpdk-stable] patch 'ethdev: move non-offload capabilities' " Kevin Traynor
Reply instructions: You may reply publicly to this message via plain-text email using any one of the following methods: * Save the following mbox file, import it into your mail client, and reply-to-all from there: mbox Avoid top-posting and favor interleaved quoting: https://en.wikipedia.org/wiki/Posting_style#Interleaved_style * Reply using the --to, --cc, and --in-reply-to switches of git-send-email(1): git send-email \ --in-reply-to=20201118163558.1101823-1-ktraynor@redhat.com \ --to=ktraynor@redhat.com \ --cc=longli@microsoft.com \ --cc=stable@dpdk.org \ --cc=stephen@networkplumber.org \ --cc=whutchennan@gmail.com \ /path/to/YOUR_REPLY https://kernel.org/pub/software/scm/git/docs/git-send-email.html * If your mail client supports setting the In-Reply-To header via mailto: links, try the mailto: link
patches for DPDK stable branches This inbox may be cloned and mirrored by anyone: git clone --mirror http://inbox.dpdk.org/stable/0 stable/git/0.git # If you have public-inbox 1.1+ installed, you may # initialize and index your mirror using the following commands: public-inbox-init -V2 stable stable/ http://inbox.dpdk.org/stable \ stable@dpdk.org public-inbox-index stable Example config snippet for mirrors. Newsgroup available over NNTP: nntp://inbox.dpdk.org/inbox.dpdk.stable AGPL code for this site: git clone https://public-inbox.org/public-inbox.git