WARNING - OLD ARCHIVES

This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
   
 
 
Xen 
 
Home Products Support Community News
 
   
 

xen-devel

[Xen-devel] [2/4] [NET]: Update net-gso.patch

Hi:

[NET]: Update net-gso.patch

New changeset merged upstream:

    [TCP]: Reset gso_segs if packet is dodgy

    I wasn't paranoid enough in verifying GSO information.  A bogus gso_segs
    could upset drivers as much as a bogus header would.  Let's reset it in
    the per-protocol gso_segment functions.

    I didn't verify gso_size because that can be verified by the source of
    the dodgy packets.

    Signed-off-by: Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx>

Signed-off-by: Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx>

Cheers,
-- 
Visit Openswan at http://www.openswan.org/
Email: Herbert Xu ~{PmV>HI~} <herbert@xxxxxxxxxxxxxxxxxxx>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
--
diff -r 617e4d3351f3 -r f6806ad757d5 patches/linux-2.6.16.13/net-gso.patch
--- a/patches/linux-2.6.16.13/net-gso.patch     Fri Jun 30 22:12:59 2006 +1000
+++ b/patches/linux-2.6.16.13/net-gso.patch     Fri Jun 30 22:16:02 2006 +1000
@@ -2225,7 +2225,7 @@ index d64e2ec..7494823 100644
        err = ipcomp_compress(x, skb);
        iph = skb->nh.iph;
 diff --git a/net/ipv4/tcp.c b/net/ipv4/tcp.c
-index 00aa80e..84130c9 100644
+index 00aa80e..30c81a8 100644
 --- a/net/ipv4/tcp.c
 +++ b/net/ipv4/tcp.c
 @@ -257,6 +257,7 @@ #include <linux/smp_lock.h>
@@ -2281,7 +2281,7 @@ index 00aa80e..84130c9 100644
  
                        from += copy;
                        copied += copy;
-@@ -2026,6 +2021,71 @@ int tcp_getsockopt(struct sock *sk, int 
+@@ -2026,6 +2021,77 @@ int tcp_getsockopt(struct sock *sk, int 
  }
  
  
@@ -2306,12 +2306,18 @@ index 00aa80e..84130c9 100644
 +      if (!pskb_may_pull(skb, thlen))
 +              goto out;
 +
-+      segs = NULL;
-+      if (skb_gso_ok(skb, features | NETIF_F_GSO_ROBUST))
-+              goto out;
-+
 +      oldlen = (u16)~skb->len;
 +      __skb_pull(skb, thlen);
++
++      if (skb_gso_ok(skb, features | NETIF_F_GSO_ROBUST)) {
++              /* Packet is from an untrusted source, reset gso_segs. */
++              int mss = skb_shinfo(skb)->gso_size;
++
++              skb_shinfo(skb)->gso_segs = (skb->len + mss - 1) / mss;
++
++              segs = NULL;
++              goto out;
++      }
 +
 +      segs = skb_segment(skb, features);
 +      if (IS_ERR(segs))

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-devel

<Prev in Thread] Current Thread [Next in Thread>