| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <1414010838-20656-1-git-send-email-haiyangz@microsoft.com> Date: Wed, 22 Oct 2014 13:47:18 -0700 From: Haiyang Zhang <haiyangz@...rosoft.com> To: davem@...emloft.net, netdev@...r.kernel.org Cc: haiyangz@...rosoft.com, kys@...rosoft.com, olaf@...fle.de, jasowang@...hat.com, linux-kernel@...r.kernel.org, driverdev-devel@...uxdriverproject.org Subject: [PATCH net] hyperv: Fix the total_data_buflen in send path total_data_buflen is used by netvsc_send() to decide if a packet can be put into send buffer. It should also include the size of RNDIS message before the Ethernet frame. Otherwise, a messge with total size bigger than send_section_size may be copied into the send buffer, and cause data corruption. [Request to include this patch to the Stable branches] Signed-off-by: Haiyang Zhang <haiyangz@...rosoft.com> Reviewed-by: K. Y. Srinivasan <kys@...rosoft.com> --- drivers/net/hyperv/netvsc_drv.c | 1 + 1 files changed, 1 insertions(+), 0 deletions(-) diff --git a/drivers/net/hyperv/netvsc_drv.c b/drivers/net/hyperv/netvsc_drv.c index 9e17d1a..78ec33f 100644 --- a/drivers/net/hyperv/netvsc_drv.c +++ b/drivers/net/hyperv/netvsc_drv.c @@ -550,6 +550,7 @@ do_lso: do_send: /* Start filling in the page buffers with the rndis hdr */ rndis_msg->msg_len += rndis_msg_size; + packet->total_data_buflen = rndis_msg->msg_len; packet->page_buf_cnt = init_page_array(rndis_msg, rndis_msg_size, skb, &packet->page_buf[0]); -- 1.7.1 -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists