From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28]) by dpdk.org (Postfix) with ESMTP id F0D471B4A3 for ; Fri, 4 Jan 2019 14:26:29 +0100 (CET) Received: from smtp.corp.redhat.com (int-mx06.intmail.prod.int.phx2.redhat.com [10.5.11.16]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 4B601C058CA9; Fri, 4 Jan 2019 13:26:29 +0000 (UTC) Received: from ktraynor.remote.csb (ovpn-117-13.ams2.redhat.com [10.36.117.13]) by smtp.corp.redhat.com (Postfix) with ESMTP id 4DDFB5C224; Fri, 4 Jan 2019 13:26:28 +0000 (UTC) From: Kevin Traynor To: Jiayu Hu Cc: dpdk stable Date: Fri, 4 Jan 2019 13:23:52 +0000 Message-Id: <20190104132455.15170-10-ktraynor@redhat.com> In-Reply-To: <20190104132455.15170-1-ktraynor@redhat.com> References: <20190104132455.15170-1-ktraynor@redhat.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Scanned-By: MIMEDefang 2.79 on 10.5.11.16 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.32]); Fri, 04 Jan 2019 13:26:29 +0000 (UTC) Subject: [dpdk-stable] patch 'gro: fix overflow of payload length calculation' has been queued to LTS release 18.11.1 X-BeenThere: stable@dpdk.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: patches for DPDK stable branches List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 04 Jan 2019 13:26:30 -0000 Hi, FYI, your patch has been queued to LTS release 18.11.1 Note it hasn't been pushed to http://dpdk.org/browse/dpdk-stable yet. It will be pushed if I get no objections before 01/11/19. So please shout if anyone has objections. Also note that after the patch there's a diff of the upstream commit vs the patch applied to the branch. This will indicate if there was any rebasing needed to apply to the stable branch. If there were code changes for rebasing (ie: not only metadata diffs), please double check that the rebase was correctly done. Thanks. Kevin Traynor --- >>From af703566f8bbb1cc6dda529d47fadc17117ffd09 Mon Sep 17 00:00:00 2001 From: Jiayu Hu Date: Mon, 17 Dec 2018 14:05:39 +0800 Subject: [PATCH] gro: fix overflow of payload length calculation [ upstream commit f8a05885e7fffbcba1b42bf21ac61c2523943cde ] When the packet length is smaller than the header length, the calculated payload length will be overflowed and result in incorrect reassembly behaviors. Fixes: 1e4cf4d6d4fb ("gro: cleanup") Fixes: 9e0b9d2ec0f4 ("gro: support VxLAN GRO") Signed-off-by: Jiayu Hu --- lib/librte_gro/gro_tcp4.c | 3 ++- lib/librte_gro/gro_vxlan_tcp4.c | 3 ++- 2 files changed, 4 insertions(+), 2 deletions(-) diff --git a/lib/librte_gro/gro_tcp4.c b/lib/librte_gro/gro_tcp4.c index 2c0f35c6d..2fe9aab3e 100644 --- a/lib/librte_gro/gro_tcp4.c +++ b/lib/librte_gro/gro_tcp4.c @@ -199,5 +199,6 @@ gro_tcp4_reassemble(struct rte_mbuf *pkt, struct tcp_hdr *tcp_hdr; uint32_t sent_seq; - uint16_t tcp_dl, ip_id, hdr_len, frag_off; + int32_t tcp_dl; + uint16_t ip_id, hdr_len, frag_off; uint8_t is_atomic; diff --git a/lib/librte_gro/gro_vxlan_tcp4.c b/lib/librte_gro/gro_vxlan_tcp4.c index ca86f010c..955ae4b56 100644 --- a/lib/librte_gro/gro_vxlan_tcp4.c +++ b/lib/librte_gro/gro_vxlan_tcp4.c @@ -296,5 +296,6 @@ gro_vxlan_tcp4_reassemble(struct rte_mbuf *pkt, struct vxlan_hdr *vxlan_hdr; uint32_t sent_seq; - uint16_t tcp_dl, frag_off, outer_ip_id, ip_id; + int32_t tcp_dl; + uint16_t frag_off, outer_ip_id, ip_id; uint8_t outer_is_atomic, is_atomic; -- 2.19.0 --- Diff of the applied patch vs upstream commit (please double-check if non-empty: --- --- - 2019-01-04 13:23:07.697424029 +0000 +++ 0010-gro-fix-overflow-of-payload-length-calculation.patch 2019-01-04 13:23:07.000000000 +0000 @@ -1,15 +1,16 @@ -From f8a05885e7fffbcba1b42bf21ac61c2523943cde Mon Sep 17 00:00:00 2001 +From af703566f8bbb1cc6dda529d47fadc17117ffd09 Mon Sep 17 00:00:00 2001 From: Jiayu Hu Date: Mon, 17 Dec 2018 14:05:39 +0800 Subject: [PATCH] gro: fix overflow of payload length calculation +[ upstream commit f8a05885e7fffbcba1b42bf21ac61c2523943cde ] + When the packet length is smaller than the header length, the calculated payload length will be overflowed and result in incorrect reassembly behaviors. Fixes: 1e4cf4d6d4fb ("gro: cleanup") Fixes: 9e0b9d2ec0f4 ("gro: support VxLAN GRO") -Cc: stable@dpdk.org Signed-off-by: Jiayu Hu ---