xen/netback: Ensure protocol headers don't fall in the non-linear area - starfive-tech/linux.git - StarFive Tech Linux Kernel for VisionFive (JH7110) boards (mirror)

diff options

author	Ross Lagerwall <ross.lagerwall@citrix.com>	2022-11-22 12:16:59 +0300
committer	Juergen Gross <jgross@suse.com>	2022-12-06 18:00:30 +0300
commit	ad7f402ae4f466647c3a669b8a6f3e5d4271c84a (patch)
tree	866672210017eefe20cb7052c9dc0edb6b267bd4 /init
parent	76dcd734eca23168cb008912c0f69ff408905235 (diff)
download	linux-ad7f402ae4f466647c3a669b8a6f3e5d4271c84a.tar.xz

xen/netback: Ensure protocol headers don't fall in the non-linear area

In some cases, the frontend may send a packet where the protocol headers are spread across multiple slots. This would result in netback creating an skb where the protocol headers spill over into the non-linear area. Some drivers and NICs don't handle this properly resulting in an interface reset or worse. This issue was introduced by the removal of an unconditional skb pull in the tx path to improve performance. Fix this without reintroducing the pull by setting up grant copy ops for as many slots as needed to reach the XEN_NETBACK_TX_COPY_LEN size. Adjust the rest of the code to handle multiple copy operations per skb. This is XSA-423 / CVE-2022-3643. Fixes: 7e5d7753956b ("xen-netback: remove unconditional __pskb_pull_tail() in guest Tx path") Signed-off-by: Ross Lagerwall <ross.lagerwall@citrix.com> Reviewed-by: Paul Durrant <paul@xen.org> Signed-off-by: Juergen Gross <jgross@suse.com>

Diffstat (limited to 'init')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: