From: Yongseok Koh <yskoh@mellanox.com>
To: Bruce Richardson <bruce.richardson@intel.com>
Cc: Hemant Agrawal <hemant.agrawal@nxp.com>, dpdk stable <stable@dpdk.org>
Subject: [dpdk-stable] patch 'net: fix underflow for checksum of invalid IPv4 packets' has been queued to LTS release 17.11.6
Date: Fri, 8 Mar 2019 09:46:57 -0800 [thread overview]
Message-ID: <20190308174749.30771-19-yskoh@mellanox.com> (raw)
In-Reply-To: <20190308174749.30771-1-yskoh@mellanox.com>
Hi,
FYI, your patch has been queued to LTS release 17.11.6
Note it hasn't been pushed to http://dpdk.org/browse/dpdk-stable yet.
It will be pushed if I get no objection by 03/13/19. So please
shout if anyone has objection.
Also note that after the patch there's a diff of the upstream commit vs the patch applied
to the branch. If the code is different (ie: not only metadata diffs), due for example to
a change in context or macro names, please double check it.
Thanks.
Yongseok
---
>From 15482f832ef5a7681a18cd486d2e08a8a78c01f6 Mon Sep 17 00:00:00 2001
From: Bruce Richardson <bruce.richardson@intel.com>
Date: Mon, 17 Dec 2018 15:50:04 +0000
Subject: [PATCH] net: fix underflow for checksum of invalid IPv4 packets
[ upstream commit 8743d499a59c3d6a7c743861fd3baf06ed5fe763 ]
If we receive a packet with an invalid IP header, where the total packet
length is reported as less than the IP header length, we would end up
getting an underflow in the length subtraction.
This could cause us to checksum e.g. 4GB of data in the case where the
result of the subtraction was -1.
We fix this by having the function return 0 - an invalid sum - when
the length is less than the header length.
Fixes: af75078fece3 ("first public release")
Fixes: 6006818cfb26 ("net: new checksum functions")
Signed-off-by: Bruce Richardson <bruce.richardson@intel.com>
Acked-by: Hemant Agrawal <hemant.agrawal@nxp.com>
---
lib/librte_net/rte_ip.h | 12 ++++++++----
1 file changed, 8 insertions(+), 4 deletions(-)
diff --git a/lib/librte_net/rte_ip.h b/lib/librte_net/rte_ip.h
index b22c1f800..8d4907f07 100644
--- a/lib/librte_net/rte_ip.h
+++ b/lib/librte_net/rte_ip.h
@@ -372,16 +372,20 @@ rte_ipv4_phdr_cksum(const struct ipv4_hdr *ipv4_hdr, uint64_t ol_flags)
* @param l4_hdr
* The pointer to the beginning of the L4 header.
* @return
- * The complemented checksum to set in the IP packet.
+ * The complemented checksum to set in the IP packet
+ * or 0 on error
*/
static inline uint16_t
rte_ipv4_udptcp_cksum(const struct ipv4_hdr *ipv4_hdr, const void *l4_hdr)
{
uint32_t cksum;
- uint32_t l4_len;
+ uint32_t l3_len, l4_len;
+
+ l3_len = rte_be_to_cpu_16(ipv4_hdr->total_length);
+ if (l3_len < sizeof(struct ipv4_hdr))
+ return 0;
- l4_len = (uint32_t)(rte_be_to_cpu_16(ipv4_hdr->total_length) -
- sizeof(struct ipv4_hdr));
+ l4_len = l3_len - sizeof(struct ipv4_hdr);
cksum = rte_raw_cksum(l4_hdr, l4_len);
cksum += rte_ipv4_phdr_cksum(ipv4_hdr, 0);
--
2.11.0
---
Diff of the applied patch vs upstream commit (please double-check if non-empty:
---
--- - 2019-03-08 09:46:41.305328052 -0800
+++ 0019-net-fix-underflow-for-checksum-of-invalid-IPv4-packe.patch 2019-03-08 09:46:40.051400000 -0800
@@ -1,8 +1,10 @@
-From 8743d499a59c3d6a7c743861fd3baf06ed5fe763 Mon Sep 17 00:00:00 2001
+From 15482f832ef5a7681a18cd486d2e08a8a78c01f6 Mon Sep 17 00:00:00 2001
From: Bruce Richardson <bruce.richardson@intel.com>
Date: Mon, 17 Dec 2018 15:50:04 +0000
Subject: [PATCH] net: fix underflow for checksum of invalid IPv4 packets
+[ upstream commit 8743d499a59c3d6a7c743861fd3baf06ed5fe763 ]
+
If we receive a packet with an invalid IP header, where the total packet
length is reported as less than the IP header length, we would end up
getting an underflow in the length subtraction.
@@ -15,7 +17,6 @@
Fixes: af75078fece3 ("first public release")
Fixes: 6006818cfb26 ("net: new checksum functions")
-Cc: stable@dpdk.org
Signed-off-by: Bruce Richardson <bruce.richardson@intel.com>
Acked-by: Hemant Agrawal <hemant.agrawal@nxp.com>
@@ -24,10 +25,10 @@
1 file changed, 8 insertions(+), 4 deletions(-)
diff --git a/lib/librte_net/rte_ip.h b/lib/librte_net/rte_ip.h
-index f2a8904a2..f9b909090 100644
+index b22c1f800..8d4907f07 100644
--- a/lib/librte_net/rte_ip.h
+++ b/lib/librte_net/rte_ip.h
-@@ -310,16 +310,20 @@ rte_ipv4_phdr_cksum(const struct ipv4_hdr *ipv4_hdr, uint64_t ol_flags)
+@@ -372,16 +372,20 @@ rte_ipv4_phdr_cksum(const struct ipv4_hdr *ipv4_hdr, uint64_t ol_flags)
* @param l4_hdr
* The pointer to the beginning of the L4 header.
* @return
next prev parent reply other threads:[~2019-03-08 17:48 UTC|newest]
Thread overview: 75+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-03-08 17:46 [dpdk-stable] patch 'net/bnx2x: cleanup info logs' " Yongseok Koh
2019-03-08 17:46 ` [dpdk-stable] patch 'net/i40e: fix getting RSS configuration' " Yongseok Koh
2019-03-08 17:46 ` [dpdk-stable] patch 'net/i40e: fix using recovery mode firmware' " Yongseok Koh
2019-03-08 17:46 ` [dpdk-stable] patch 'net/ixgbe: fix overwriting RSS RETA' " Yongseok Koh
2019-03-08 17:46 ` [dpdk-stable] patch 'net/mlx5: fix validation of Rx queue number' " Yongseok Koh
2019-03-08 17:46 ` [dpdk-stable] patch 'ethdev: fix typo in queue setup error log' " Yongseok Koh
2019-03-08 17:46 ` [dpdk-stable] patch 'drivers/net: fix several Tx prepare functions' " Yongseok Koh
2019-03-08 17:46 ` [dpdk-stable] patch 'vhost: fix crash after mmap failure' " Yongseok Koh
2019-03-08 17:46 ` [dpdk-stable] patch 'net/i40e: revert fix offload not supported mask' " Yongseok Koh
2019-03-08 17:46 ` [dpdk-stable] patch 'net/i40e: remove redundant reset of queue number' " Yongseok Koh
2019-03-08 17:46 ` [dpdk-stable] patch 'doc: fix garbage text in generated HTML guides' " Yongseok Koh
2019-03-08 17:46 ` [dpdk-stable] patch 'eventdev: fix xstats documentation typo' " Yongseok Koh
2019-03-08 17:46 ` [dpdk-stable] patch 'crypto/qat: fix block size error handling' " Yongseok Koh
2019-03-08 17:46 ` [dpdk-stable] patch 'timer: fix race condition' " Yongseok Koh
2019-03-08 17:46 ` [dpdk-stable] patch 'net/i40e: fix statistics inconsistency' " Yongseok Koh
2019-03-08 17:46 ` [dpdk-stable] patch 'vhost: fix race condition when adding fd in the fdset' " Yongseok Koh
2019-03-08 17:46 ` [dpdk-stable] patch 'net/ena: add supported RSS offloads types' " Yongseok Koh
2019-03-08 17:46 ` [dpdk-stable] patch 'net/ena: update completion queue after cleanup' " Yongseok Koh
2019-03-08 17:46 ` Yongseok Koh [this message]
2019-03-08 17:46 ` [dpdk-stable] patch 'net/tap: add buffer overflow checks before checksum' " Yongseok Koh
2019-03-08 17:46 ` [dpdk-stable] patch 'net/af_packet: fix setting MTU decrements sockaddr twice' " Yongseok Koh
2019-03-08 17:47 ` [dpdk-stable] patch 'net/tap: fix possible uninitialized variable access' " Yongseok Koh
2019-03-08 17:47 ` [dpdk-stable] patch 'app/testpmd: expand RED queue thresholds to 64 bits' " Yongseok Koh
2019-03-08 17:47 ` [dpdk-stable] patch 'net/i40e: fix get RSS conf' " Yongseok Koh
2019-03-08 17:47 ` [dpdk-stable] patch 'devtools: fix wrong headline lowercase for arm' " Yongseok Koh
2019-03-08 17:47 ` [dpdk-stable] patch 'drivers/crypto: fix PMDs memory leak' " Yongseok Koh
2019-03-08 17:47 ` [dpdk-stable] patch 'test/crypto: fix misleading trace message' " Yongseok Koh
2019-03-08 17:47 ` [dpdk-stable] patch 'examples/ipsec-secgw: fix outbound codepath for single SA' " Yongseok Koh
2019-03-08 17:47 ` [dpdk-stable] patch 'examples/ipsec-secgw: make local variables static' " Yongseok Koh
2019-03-08 17:47 ` [dpdk-stable] patch 'kni: fix build on RHEL 8' " Yongseok Koh
2019-03-08 17:47 ` [dpdk-stable] patch 'kni: fix build on RHEL8 for arm and Power9' " Yongseok Koh
2019-03-08 17:47 ` [dpdk-stable] patch 'mk: fix scope of disabling AVX512F support' " Yongseok Koh
2019-03-08 17:47 ` [dpdk-stable] patch 'net/ixgbe: fix over using multicast table for VF' " Yongseok Koh
2019-03-08 17:47 ` [dpdk-stable] patch 'vhost: fix possible out of bound access in vector filling' " Yongseok Koh
2019-03-08 17:47 ` [dpdk-stable] patch 'net/fm10k: fix internal switch initial status' " Yongseok Koh
2019-03-08 17:47 ` [dpdk-stable] patch 'net/dpaa: fix secondary process' " Yongseok Koh
2019-03-08 17:47 ` [dpdk-stable] patch 'examples/flow_filtering: fix example documentation' " Yongseok Koh
2019-03-08 17:47 ` [dpdk-stable] patch 'doc: fix a parameter name in testpmd guide' " Yongseok Koh
2019-03-08 17:47 ` [dpdk-stable] patch 'app/testpmd: fix quit to stop all ports before close' " Yongseok Koh
2019-03-08 17:47 ` [dpdk-stable] patch 'net/bonding: fix possible null pointer reference' " Yongseok Koh
2019-03-08 17:47 ` [dpdk-stable] patch 'net/sfc: discard last seen VLAN TCI if Tx packet is dropped' " Yongseok Koh
2019-03-08 17:47 ` [dpdk-stable] patch 'net/dpaa2: fix device init for secondary process' " Yongseok Koh
2019-03-08 17:47 ` [dpdk-stable] patch 'net/sfc: fix typo in preprocessor check' " Yongseok Koh
2019-03-08 17:47 ` [dpdk-stable] patch 'drivers: fix sprintf with snprintf' " Yongseok Koh
2019-03-08 17:47 ` [dpdk-stable] patch 'net/mlx5: fix instruction hotspot on replenishing Rx buffer' " Yongseok Koh
2019-03-08 17:47 ` [dpdk-stable] patch 'examples/tep_term: remove unused constant' " Yongseok Koh
2019-03-08 17:47 ` [dpdk-stable] patch 'eal: fix core number validation' " Yongseok Koh
2019-03-08 17:47 ` [dpdk-stable] patch 'eal: fix out of bound access when no CPU available' " Yongseok Koh
2019-03-08 17:47 ` [dpdk-stable] patch 'eal: check string parameter lengths' " Yongseok Koh
2019-03-08 17:47 ` [dpdk-stable] patch 'gro: check invalid TCP header length' " Yongseok Koh
2019-03-08 17:47 ` [dpdk-stable] patch 'net/i40e: fix VF overwrite PF RSS LUT for X722' " Yongseok Koh
2019-03-08 17:47 ` [dpdk-stable] patch 'net/sfc: fix VF error/missed stats mapping' " Yongseok Koh
2019-03-08 17:47 ` [dpdk-stable] patch 'net/sfc: fix datapath name references in logs' " Yongseok Koh
2019-03-08 17:47 ` [dpdk-stable] patch 'vhost: fix memory leak on realloc failure' " Yongseok Koh
2019-03-08 17:47 ` [dpdk-stable] patch 'examples/vhost: fix path allocation failure handling' " Yongseok Koh
2019-03-08 17:47 ` [dpdk-stable] patch 'net/sfc: fix Rx packets counter' " Yongseok Koh
2019-03-08 17:47 ` [dpdk-stable] patch 'doc: add missing loopback option in testpmd guide' " Yongseok Koh
2019-03-08 17:47 ` [dpdk-stable] patch 'efd: fix tail queue leak' " Yongseok Koh
2019-03-08 17:47 ` [dpdk-stable] patch 'net/qede: fix performance bottleneck in Rx path' " Yongseok Koh
2019-03-12 17:04 ` [dpdk-stable] [EXT] " Shahed Shaikh
2019-03-12 22:03 ` Yongseok Koh
2019-03-19 19:12 ` Shahed Shaikh
2019-03-27 18:47 ` Yongseok Koh
2019-03-08 17:47 ` [dpdk-stable] patch 'net/qede: remove prefetch in Tx " Yongseok Koh
2019-03-08 17:47 ` [dpdk-stable] patch 'doc: fix references in power management guide' " Yongseok Koh
2019-03-08 17:47 ` [dpdk-stable] patch 'ethdev: fix errno to have positive value' " Yongseok Koh
2019-03-08 17:47 ` [dpdk-stable] patch 'gso: fix VxLAN/GRE tunnel checks' " Yongseok Koh
2019-03-08 17:47 ` [dpdk-stable] patch 'kni: fix build for dev_open in Linux 5.0' " Yongseok Koh
2019-03-08 17:47 ` [dpdk-stable] patch 'kni: fix build for igb_ndo_bridge_setlink " Yongseok Koh
2019-03-08 17:47 ` [dpdk-stable] patch 'vfio: fix error message' " Yongseok Koh
2019-03-08 17:47 ` [dpdk-stable] patch 'net/i40e: fix queue region DCB configure' " Yongseok Koh
2019-03-08 17:47 ` [dpdk-stable] patch 'net/virtio-user: fix used ring in cvq handling' " Yongseok Koh
2019-03-08 17:47 ` [dpdk-stable] patch 'net/ena: fix dev init with multi-process' " Yongseok Koh
2019-03-08 17:47 ` [dpdk-stable] patch 'net/ena: fix errno to positive value' " Yongseok Koh
2019-03-08 17:47 ` [dpdk-stable] patch 'doc: add dependency for PDF in contributing guide' " Yongseok Koh
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20190308174749.30771-19-yskoh@mellanox.com \
--to=yskoh@mellanox.com \
--cc=bruce.richardson@intel.com \
--cc=hemant.agrawal@nxp.com \
--cc=stable@dpdk.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).