1144
> __do_sys_splice fs/splice.c:1350 [inline]
> __se_sys_splice fs/splice.c:1332 [inline]
> __x64_sys_splice+0x198/0x250 fs/splice.c:1332
> do_syscall_64+0x2d/0x70 arch/x86/entry/common.c:46
>
> Fixes: 924a9bc362a5 ("net: check if protocol extracted by
> virti
,
packets from devices without the implementation are not checked at this
stage.
Fixes: 9274124f023b ("net: stricter validation of untrusted gso packets")
Signed-off-by: Balazs Nemeth
---
include/linux/virtio_net.h | 7 ++-
1 file changed, 6 insertions(+), 1 deletion(-)
diff --
. In addition, ensure that the header length is a multiple of four,
which should hold irrespective of the number of stacked labels.
Signed-off-by: Balazs Nemeth
---
net/mpls/mpls_gso.c | 3 +++
1 file changed, 3 insertions(+)
diff --git a/net/mpls/mpls_gso.c b/net/mpls/mpls_gso.c
index b1690149b6fa
skb, but the infinite loop will still
be prevented by the check in the gso layer.
Changes from v2 to v3:
- Remove unused *eth.
- Use MPLS_HLEN to also check if the MPLS header length is a multiple
of four.
Balazs Nemeth (2):
net: check if protocol extracted by virtio_net_hdr_set_proto is
corr
On Mon, 2021-03-08 at 09:17 -0700, David Ahern wrote:
> On 3/8/21 9:07 AM, Willem de Bruijn wrote:
> > > diff --git a/net/mpls/mpls_gso.c b/net/mpls/mpls_gso.c
> > > index b1690149b6fa..cc1b6457fc93 100644
> > > --- a/net/mpls/mpls_gso.c
> > > +++ b/net/mpls/mpls_gso.c
> > > @@ -27,7 +27,7 @@
,
packets from devices without the implementation are not checked at this
stage.
Fixes: 9274124f023b ("net: stricter validation of untrusted gso packets")
Signed-off-by: Balazs Nemeth
---
include/linux/virtio_net.h | 8 +++-
1 file changed, 7 insertions(+), 1 deletion(-)
diff --
-off-by: Balazs Nemeth
---
net/mpls/mpls_gso.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/net/mpls/mpls_gso.c b/net/mpls/mpls_gso.c
index b1690149b6fa..cc1b6457fc93 100644
--- a/net/mpls/mpls_gso.c
+++ b/net/mpls/mpls_gso.c
@@ -27,7 +27,7 @@ static struct sk_buff
eck in virtio_net_hdr_to_skb, but the infinite loop will still
be prevented by the check in the gso layer.
Balazs Nemeth (2):
net: check if protocol extracted by virtio_net_hdr_set_proto is
correct
net: avoid infinite loop in mpls_gso_segment when mpls_hlen == 0
include/linux/virtio_net.h | 8 +++-
net/m
On Mon, 2021-02-22 at 11:39 +0800, Jason Wang wrote:
>
> On 2021/2/19 10:55 下午, Willem de Bruijn wrote:
> > On Fri, Feb 19, 2021 at 3:53 AM Jason Wang
> > wrote:
> > >
> > > On 2021/2/18 11:50 下午, Willem de Bruijn wrote:
> > > > On Thu, Feb 1
. Instead,
check if the protocol in the packet actually matches the protocol set by
virtio_net_hdr_set_proto.
Fixes: 9274124f023b ("net: stricter validation of untrusted gso packets")
Signed-off-by: Balazs Nemeth
---
include/linux/virtio_net.h | 7 ++-
1 file changed, 6 insertions(+),
10 matches
Mail list logo