| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 23 Aug 2016 16:49:13 -0700 (PDT)
From: David Miller <davem@...emloft.net>
To: zefir.kurtisi@...atec.com
Cc: netdev@...r.kernel.org, claudiu.manoil@...escale.com,
andrew@...n.ch
Subject: Re: [PATCH v2] gianfar: fix size of scatter-gathered frames
From: Zefir Kurtisi <zefir.kurtisi@...atec.com>
Date: Mon, 22 Aug 2016 15:58:12 +0200
> The current scatter-gather logic in gianfar is flawed, since
> it does not consider the eTSEC's RxBD 'Data Length' field is
> context depening: for the last fragment it contains the full
> frame size, while fragments contain the fragment size, which
> equals the value written to register MRBLR.
>
> This causes data corruption as soon as the hardware starts
> to fragment receiving frames. As a result, the size of
> fragmented frames is increased by
> (nr_frags - 1) * MRBLR
>
> We first noticed this issue working with DSA, where an ICMP
> request sized 1472 bytes causes the scatter-gather logic to
> kick in. The full Ethernet frame (1518) gets increased by
> DSA (4), GMAC_FCB_LEN (8), and FSL_GIANFAR_DEV_HAS_TIMER
> (priv->padding=8) to a total of 1538 octets, which is
> fragmented by the hardware and reconstructed by the driver
> to a 3074 octet frame.
>
> This patch fixes the problem by adjusting the size of
> the last fragment.
>
> It was tested by setting MRBLR to different multiples of
> 64, proving correct scatter-gather operation on frames
> with up to 9000 octets in size.
>
> Signed-off-by: Zefir Kurtisi <zefir.kurtisi@...atec.com>
Applied.
Powered by blists - more mailing lists