lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <60bc20c5-7512-44f7-88cb-abc540437ae1@heusel.eu>
Date: Thu, 8 Aug 2024 11:52:32 +0200
From: Christian Heusel <christian@...sel.eu>
To: Greg KH <gregkh@...uxfoundation.org>
Cc: avladu@...udbasesolutions.com, willemdebruijn.kernel@...il.com, 
	alexander.duyck@...il.com, arefev@...mel.ru, davem@...emloft.net, edumazet@...gle.com, 
	jasowang@...hat.com, kuba@...nel.org, mst@...hat.com, netdev@...r.kernel.org, 
	pabeni@...hat.com, stable@...r.kernel.org, willemb@...gle.com
Subject: Re: [PATCH net] net: drop bad gso csum_start and offset in
 virtio_net_hdr

On 24/08/08 08:38AM, Greg KH wrote:
> On Wed, Aug 07, 2024 at 08:34:48PM +0200, Christian Heusel wrote:
> > On 24/08/07 04:12PM, Greg KH wrote:
> > > On Mon, Aug 05, 2024 at 09:28:29PM +0000, avladu@...udbasesolutions.com wrote:
> > > > Hello,
> > > > 
> > > > This patch needs to be backported to the stable 6.1.x and 6.64.x branches, as the initial patch https://github.com/torvalds/linux/commit/e269d79c7d35aa3808b1f3c1737d63dab504ddc8 was backported a few days ago: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/include/linux/virtio_net.h?h=3Dv6.1.103&id=3D5b1997487a3f3373b0f580c8a20b56c1b64b0775
> > > > https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/include/linux/virtio_net.h?h=3Dv6.6.44&id=3D90d41ebe0cd4635f6410471efc1dd71b33e894cf
> > > 
> > > Please provide a working backport, the change does not properly
> > > cherry-pick.
> > > 
> > > greg k-h
> > 
> > Hey Greg, hey Sasha,
> > 
> > this patch also needs backporting to the 6.6.y and 6.10.y series as the
> > buggy commit was backported to to all three series.
> 
> What buggy commit?

The issue is that commit e269d79c7d35 ("net: missing check virtio")
introduces a bug which is fixed by 89add40066f9 ("net: drop bad gso
csum_start and offset in virtio_net_hdr") which it also carries a
"Fixes:" tag for.

Therefore it would be good to also get 89add40066f9 backported.

> And how was this tested, it does not apply cleanly to the trees for me
> at all.

I have tested this with the procedure as described in [0]:

    $ git switch linux-6.10.y
    $ git cherry-pick -x 89add40066f9ed9abe5f7f886fe5789ff7e0c50e
    Auto-merging net/ipv4/udp_offload.c
    [linux-6.10.y fbc0d2bea065] net: drop bad gso csum_start and offset in virtio_net_hdr
     Author: Willem de Bruijn <willemb@...gle.com>
     Date: Mon Jul 29 16:10:12 2024 -0400
     3 files changed, 12 insertions(+), 11 deletions(-)

This also works for linux-6.6.y, but not for linux-6.1.y, as it fails
with a merge error there.

The relevant commit is confirmed to fix the issue in the relevant Githu
issue here[1]:

    @marek22k commented
    > They both fix the problem for me.

> confused,

Sorry for the confusion! I hope the above clears things up a little :)

> greg k-h

Cheers,
Christian

[0]: https://lore.kernel.org/all/2024060624-platinum-ladies-9214@gregkh/
[1]: https://github.com/tailscale/tailscale/issues/13041#issuecomment-2272326491

Download attachment "signature.asc" of type "application/pgp-signature" (834 bytes)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ