lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <1521032565.2049.68.camel@perches.com>
Date:   Wed, 14 Mar 2018 06:02:45 -0700
From:   Joe Perches <joe@...ches.com>
To:     Michal Kalderon <Michal.Kalderon@...ium.com>, davem@...emloft.net
Cc:     netdev@...r.kernel.org, dledford@...hat.com, jgg@...lanox.com,
        linux-rdma@...r.kernel.org, Ariel Elior <Ariel.Elior@...ium.com>
Subject: Re: [PATCH net 2/2] qed: Fix non TCP packets should be dropped on
 iWARP ll2 connection

On Wed, 2018-03-14 at 14:49 +0200, Michal Kalderon wrote:
> FW workaround. The iWARP LL2 connection did not expect TCP packets
> to arrive on it's connection. The fix drops any non-tcp packets
[]
> diff --git a/drivers/net/ethernet/qlogic/qed/qed_iwarp.c b/drivers/net/ethernet/qlogic/qed/qed_iwarp.c
[]
> @@ -1703,6 +1703,13 @@ qed_iwarp_parse_rx_pkt(struct qed_hwfn *p_hwfn,
>  	iph = (struct iphdr *)((u8 *)(ethh) + eth_hlen);
>  
>  	if (eth_type == ETH_P_IP) {
> +		if (iph->protocol != IPPROTO_TCP) {
> +			DP_NOTICE(p_hwfn,
> +				  "Unexpected ip protocol on ll2 %x\n",
> +				  iph->protocol);
> +			return -EINVAL;
> +		}

Perhaps this should be ratelimited.

> +
>  		cm_info->local_ip[0] = ntohl(iph->daddr);
>  		cm_info->remote_ip[0] = ntohl(iph->saddr);
>  		cm_info->ip_version = TCP_IPV4;
> @@ -1711,6 +1718,14 @@ qed_iwarp_parse_rx_pkt(struct qed_hwfn *p_hwfn,
>  		*payload_len = ntohs(iph->tot_len) - ip_hlen;
>  	} else if (eth_type == ETH_P_IPV6) {
>  		ip6h = (struct ipv6hdr *)iph;
> +
> +		if (ip6h->nexthdr != IPPROTO_TCP) {
> +			DP_NOTICE(p_hwfn,
> +				  "Unexpected ip protocol on ll2 %x\n",
> +				  iph->protocol);
> +			return -EINVAL;

here too

> +		}
> +
>  		for (i = 0; i < 4; i++) {
>  			cm_info->local_ip[i] =
>  			    ntohl(ip6h->daddr.in6_u.u6_addr32[i]);

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ