| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <20170713153934.317285073@linuxfoundation.org>
Date: Thu, 13 Jul 2017 17:42:44 +0200
From: Greg Kroah-Hartman <gregkh@...uxfoundation.org>
To: linux-kernel@...r.kernel.org
Cc: Greg Kroah-Hartman <gregkh@...uxfoundation.org>,
stable@...r.kernel.org, Felix Fietkau <nbd@...nwrt.org>,
"David S. Miller" <davem@...emloft.net>,
Amit Pundir <amit.pundir@...aro.org>
Subject: [PATCH 3.18 04/22] bgmac: add check for oversized packets
3.18-stable review patch. If anyone has any objections, please let me know.
------------------
From: Felix Fietkau <nbd@...nwrt.org>
commit 6a6c708469c9e10fd87adcc3abff164270538d62 upstream.
In very rare cases, the MAC can catch an internal buffer that is bigger
than it's supposed to be. Instead of crashing the kernel, simply pass
the buffer back to the hardware
Signed-off-by: Felix Fietkau <nbd@...nwrt.org>
Signed-off-by: David S. Miller <davem@...emloft.net>
Signed-off-by: Amit Pundir <amit.pundir@...aro.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@...uxfoundation.org>
---
drivers/net/ethernet/broadcom/bgmac.c | 7 +++++++
1 file changed, 7 insertions(+)
--- a/drivers/net/ethernet/broadcom/bgmac.c
+++ b/drivers/net/ethernet/broadcom/bgmac.c
@@ -373,6 +373,13 @@ static int bgmac_dma_rx_read(struct bgma
break;
}
+ if (len > BGMAC_RX_ALLOC_SIZE) {
+ bgmac_err(bgmac, "Found oversized packet at slot %d, DMA issue!\n",
+ ring->start);
+ put_page(virt_to_head_page(buf));
+ break;
+ }
+
/* Omit CRC. */
len -= ETH_FCS_LEN;
Powered by blists - more mailing lists