lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Date:	Thu, 2 Feb 2012 10:43:50 +0800
From:	Wei Yongjun <weiyj.lk@...il.com>
To:	davem@...emloft.net
Cc:	haiyangz@...rosoft.com, kys@...rosoft.com, netdev@...r.kernel.org
Subject: Re: [PATCH] net/hyperv: fix the issue that large packets be dropped
 by bridge

On 02/02/2012 03:28 AM, David Miller wrote:
> From: Wei Yongjun <weiyj.lk@...il.com>
> Date: Mon, 30 Jan 2012 16:12:45 +0800
>
>> +	/*
>> +	 * Make sure we got a valid packet message, now total_data_buflen
>> +	 * should be the data packet size plus the trailer padding size
>> +	 */
>> +	if (pkt->total_data_buflen < rndis_pkt->data_len) {
>> +		netdev_err(dev->net_dev->ndev, "incoming packet message "
>> +			   "buffer overflow detected (got %u, min %u)"
>> +			   "...dropping this message!\n",
>> +			   pkt->total_data_buflen, rndis_pkt->data_len);
>> +		return;
>> +	}
> This is inappropriate.  Any logging message that is potentially remotely
> triggerable must at a minimum be rate limited.  But to be honest I'd
> much prefer a statistic counter for this kind of event, rather then
> a log message.
Maybe the badly described error message confuse you, this error can not be
triggered remotely, it is the RNDIS control messages, which is sent
between the host and the RNDIS device.

Remain this error message may help us to detect the host device driver
bugs or the netvsc ringbuffer bugs.

So how about to change the error message?

+	/*
+	 * Make sure we got a valid RNDIS message, now total_data_buflen
+	 * should be the data packet size plus the trailer padding size
+	 */
+	if (pkt->total_data_buflen < rndis_pkt->data_len) {
+		netdev_err(dev->net_dev->ndev, "rndis message buffer "
+			   "overflow detected (got %u, min %u)"
+			   "...dropping this message!\n",
+			   pkt->total_data_buflen, rndis_pkt->data_len);
+		return;
+	}


Regards



--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ