lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Fri, 19 Sep 2014 16:14:35 -0700
From:	Prashant Sreedharan <prashant@...adcom.com>
To:	Eric Dumazet <eric.dumazet@...il.com>
CC:	Vladislav Yasevich <vyasevich@...il.com>, <netdev@...r.kernel.org>,
	Vladislav Yasevich <vyasevic@...hat.com>,
	Michael Chan <mchan@...adcom.com>
Subject: Re: [PATCH v2 2/2] tg3: Allow for receive of full-size 8021AD
 frames

On Fri, 2014-09-19 at 15:59 -0700, Eric Dumazet wrote:
> On Fri, 2014-09-19 at 18:23 -0400, Vladislav Yasevich wrote:
> > When receiving a vlan-tagged frame that still contains
> > a vlan header, the length of the packet will be greater
> > then MTU+ETH_HLEN since it will account of the extra
> > vlan header.  TG3 checks this for the case for 802.1Q,
> > but not for 802.1ad.  As a result, full sized 802.1ad
> > frames get dropped by the card.
> > 
> > Add a check for 802.1ad protocol when receiving full
> > sized frames.
> > 
> > Suggested-by: Prashant Sreedharan <prashant@...adcom.com>
> > CC: Prashant Sreedharan <prashant@...adcom.com>
> > CC: Michael Chan <mchan@...adcom.com>
> > Signed-off-by: Vladislav Yasevich <vyasevic@...hat.com>
> > ---
> >  drivers/net/ethernet/broadcom/tg3.c | 3 ++-
> >  1 file changed, 2 insertions(+), 1 deletion(-)
> > 
> > diff --git a/drivers/net/ethernet/broadcom/tg3.c b/drivers/net/ethernet/broadcom/tg3.c
> > index 0a0938d..4f674f9 100644
> > --- a/drivers/net/ethernet/broadcom/tg3.c
> > +++ b/drivers/net/ethernet/broadcom/tg3.c
> > @@ -6918,7 +6918,8 @@ static int tg3_rx(struct tg3_napi *tnapi, int budget)
> >  		skb->protocol = eth_type_trans(skb, tp->dev);
> >  
> >  		if (len > (tp->dev->mtu + ETH_HLEN) &&
> > -		    skb->protocol != htons(ETH_P_8021Q)) {
> > +		    skb->protocol != htons(ETH_P_8021Q) &&
> > +		    skb->protocol != htons(ETH_P_8021AD)) {
> >  			dev_kfree_skb_any(skb);
> >  			goto drop_it_no_recycle;
> >  		}
> 
> Really I do not understand what is the value of this check.
> 
> If NIC is dumb enough to send oversized frames, what prevents these
> frames being VLAN ones, and this test wont avoid the crash anyway ?
> 
The NIC will not receive frames of size > mtu + ETH_HLEN + VLAN_HLEN it
will update the oversize_frame count and drop it. The check is to make
sure the additional 4 bytes is due to a valid vlan header.


--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ