| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <662f9fc92a908_2e2f1d294c2@willemb.c.googlers.com.notmuch>
Date: Mon, 29 Apr 2024 09:25:29 -0400
From: Willem de Bruijn <willemdebruijn.kernel@...il.com>
To: shiming.cheng@...iatek.com,
willemdebruijn.kernel@...il.com,
edumazet@...gle.com,
davem@...emloft.net,
kuba@...nel.org,
pabeni@...hat.com,
matthias.bgg@...il.com
Cc: linux-kernel@...r.kernel.org,
netdev@...r.kernel.org,
shiming.cheng@...iatek.com,
Lena Wang <lena.wang@...iatek.com>
Subject: Re: [PATCH net] net: drop pulled SKB_GSO_FRAGLIST skb
shiming.cheng@ wrote:
> From: Shiming Cheng <shiming.cheng@...iatek.com>
>
> A SKB_GSO_FRAGLIST skb without GSO_BY_FRAGS is
> expected to have all segments except the last
> to be gso_size long. If this does not hold, the
> skb has been modified and the fraglist gso integrity
> is lost. Drop the packet, as it cannot be segmented
> correctly by skb_segment_list.
>
> The skb could be salvaged. By linearizing, dropping
> the SKB_GSO_FRAGLIST bit and entering the normal
> skb_segment path rather than the skb_segment_list path.
>
> That choice is currently made in the protocol caller,
> __udp_gso_segment. It's not trivial to add such a
> backup path here. So let's add this backstop against
> kernel crashes.
>
> Fixes: 3a1296a38d0c ("net: Support GRO/GSO fraglist chaining.")
> Signed-off-by: Shiming Cheng <shiming.cheng@...iatek.com>
> Signed-off-by: Lena Wang <lena.wang@...iatek.com>
Reviewed-by: Willem de Bruijn <willemb@...gle.com>
Powered by blists - more mailing lists