lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Tue, 14 Jan 2014 00:45:15 +0000 From: Ben Hutchings <bhutchings@...arflare.com> To: Greg Kroah-Hartman <gregkh@...uxfoundation.org>, "David S. Miller" <davem@...emloft.net> CC: <linux-kernel@...r.kernel.org>, <stable@...r.kernel.org>, linux-net-drivers <linux-net-drivers@...arflare.com> Subject: Re: [PATCH 3.12 40/77] sfc: Add length checks to efx_xmit_with_hwtstamp() and efx_ptp_is_ptp_tx() On Mon, 2014-01-13 at 16:28 -0800, Greg Kroah-Hartman wrote: > 3.12-stable review patch. If anyone has any objections, please let me know. > > ------------------ > > From: Ben Hutchings <bhutchings@...arflare.com> > > [ Upstream commit e5a498e943fbc497f236ab8cf31366c75f337ce6 ] > > efx_ptp_is_ptp_tx() must be robust against skbs from raw sockets that > have invalid IPv4 and UDP headers. > > Add checks that: > - the transport header has been found > - there is enough space between network and transport header offset > for an IPv4 header > - there is enough space after the transport header offset for a > UDP header > > Fixes: 7c236c43b838 ('sfc: Add support for IEEE-1588 PTP') All the PTP fixes for sfc (40-44 in this series) logically apply to 3.10.y as well. David, did you find conflicts there? Ben. > Signed-off-by: Ben Hutchings <bhutchings@...arflare.com> > Signed-off-by: David S. Miller <davem@...emloft.net> > Signed-off-by: Greg Kroah-Hartman <gregkh@...uxfoundation.org> > --- > drivers/net/ethernet/sfc/ptp.c | 4 ++++ > 1 file changed, 4 insertions(+) > > --- a/drivers/net/ethernet/sfc/ptp.c > +++ b/drivers/net/ethernet/sfc/ptp.c > @@ -989,7 +989,11 @@ bool efx_ptp_is_ptp_tx(struct efx_nic *e > skb->len >= PTP_MIN_LENGTH && > skb->len <= MC_CMD_PTP_IN_TRANSMIT_PACKET_MAXNUM && > likely(skb->protocol == htons(ETH_P_IP)) && > + skb_transport_header_was_set(skb) && > + skb_network_header_len(skb) >= sizeof(struct iphdr) && > ip_hdr(skb)->protocol == IPPROTO_UDP && > + skb_headlen(skb) >= > + skb_transport_offset(skb) + sizeof(struct udphdr) && > udp_hdr(skb)->dest == htons(PTP_EVENT_PORT); > } > > > -- Ben Hutchings, Staff Engineer, Solarflare Not speaking for my employer; that's the marketing department's job. They asked us to note that Solarflare product names are trademarked. -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists