On 2021/3/5 5:38 下午, Philippe Mathieu-Daudé wrote:
On 3/5/21 7:26 AM, Jason Wang wrote:
Hi All:
Followed by commit 22dc8663d9 ("net: forbid the reentrant RX"), we
still need to fix the issues casued by loopback mode where the NIC
usually it via calling nc->info->receive() directly.
The fix is to introduce new network helper and check the
queue->delivering.
This series addresses CVE-2021-3416.
Thanks
Changes since V3:
- clarify CVE number in the commit log
- ident fix
Changes since V2:
- add more fixes from Alexander
Changes since V1:
- Fix dp8393x compiling
- Add rtl8139 fix
- Tweak the commit log
- Silent patchew warning
Alexander Bulekov (4):
rtl8139: switch to use qemu_receive_packet() for loopback
pcnet: switch to use qemu_receive_packet() for loopback
cadence_gem: switch to use qemu_receive_packet() for loopback
lan9118: switch to use qemu_receive_packet() for loopback
Jason Wang (6):
net: introduce qemu_receive_packet()
e1000: switch to use qemu_receive_packet() for loopback
dp8393x: switch to use qemu_receive_packet() for loopback packet
msf2-mac: switch to use qemu_receive_packet() for loopback
sungem: switch to use qemu_receive_packet() for loopback
tx_pkt: switch to use qemu_receive_packet_iov() for loopback
hw/net/cadence_gem.c | 4 ++--
hw/net/dp8393x.c | 2 +-
hw/net/e1000.c | 2 +-
hw/net/lan9118.c | 2 +-
hw/net/msf2-emac.c | 2 +-
hw/net/net_tx_pkt.c | 2 +-
hw/net/pcnet.c | 2 +-
hw/net/rtl8139.c | 2 +-
hw/net/sungem.c | 2 +-
include/net/net.h | 5 +++++
include/net/queue.h | 8 ++++++++
net/net.c | 38 +++++++++++++++++++++++++++++++-------
net/queue.c | 22 ++++++++++++++++++++++
13 files changed, 76 insertions(+), 17 deletions(-)
LGTM, maybe worth adding the "Cc: qemu-sta...@nongnu.org" tag
when applying.
Yes, will do.
Thanks