[PATCH net-next v9 2/5] ipsec: check return value of skb_to_sgvec always

Signed-off-by: Jason A. Donenfeld <ja...@zx2c4.com> Cc: Steffen Klassert <steffen.klass...@secunet.com> Cc: Herbert Xu <herb...@gondor.apana.org.au> Cc: "David S. Miller" <da...@davemloft.net> --- net/ipv4/ah4.c | 8 ++-- net/ipv4/esp4.c | 20

[PATCH net-next v9 2/5] ipsec: check return value of skb_to_sgvec always

Signed-off-by: Jason A. Donenfeld Cc: Steffen Klassert Cc: Herbert Xu Cc: "David S. Miller" --- net/ipv4/ah4.c | 8 ++-- net/ipv4/esp4.c | 20 +--- net/ipv6/ah6.c | 8 ++-- net/ipv6/esp6.c | 20 +--- 4 files changed, 38 insertions(+), 18

[PATCH net-next v9 3/5] rxrpc: check return value of skb_to_sgvec always

Signed-off-by: Jason A. Donenfeld <ja...@zx2c4.com> Cc: David Howells <dhowe...@redhat.com> --- net/rxrpc/rxkad.c | 19 ++- 1 file changed, 14 insertions(+), 5 deletions(-) diff --git a/net/rxrpc/rxkad.c b/net/rxrpc/rxkad.c index 1bb9b2ccc267..29fe20ad04aa 100644 ---

[PATCH net-next v9 5/5] virtio_net: check return value of skb_to_sgvec always

Signed-off-by: Jason A. Donenfeld <ja...@zx2c4.com> Cc: "Michael S. Tsirkin" <m...@redhat.com> Cc: Jason Wang <jasow...@redhat.com> --- drivers/net/virtio_net.c | 9 +++-- 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/drivers/net/virtio_net.c b/dr

[PATCH net-next v9 3/5] rxrpc: check return value of skb_to_sgvec always

Signed-off-by: Jason A. Donenfeld Cc: David Howells --- net/rxrpc/rxkad.c | 19 ++- 1 file changed, 14 insertions(+), 5 deletions(-) diff --git a/net/rxrpc/rxkad.c b/net/rxrpc/rxkad.c index 1bb9b2ccc267..29fe20ad04aa 100644 --- a/net/rxrpc/rxkad.c +++ b/net/rxrpc/rxkad.c

[PATCH net-next v9 5/5] virtio_net: check return value of skb_to_sgvec always

Signed-off-by: Jason A. Donenfeld Cc: "Michael S. Tsirkin" Cc: Jason Wang --- drivers/net/virtio_net.c | 9 +++-- 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/drivers/net/virtio_net.c b/drivers/net/virtio_net.c index 9320d96a1632..13fbe4b349c2 100644 --- a/d

[PATCH net-next v9 1/5] skbuff: return -EMSGSIZE in skb_to_sgvec to prevent overflow

ecent MIPS changes that give it a separate IRQ stack, so that I could experience some worst-case situations. I found that limiting it to 24 layers deep yielded a good stack usage with room for safety, as well as being much deeper than any driver actually ever creates. Signed-off-by: Jason A. Don

[PATCH net-next v9 0/5] skb_to_sgvec hardening

nks to feedback from Dave Howells. Jason A. Donenfeld (5): skbuff: return -EMSGSIZE in skb_to_sgvec to prevent overflow ipsec: check return value of skb_to_sgvec always rxrpc: check return value of skb_to_sgvec always macsec: check return value of skb_to_sgvec always virtio_net: check ret

[PATCH net-next v9 4/5] macsec: check return value of skb_to_sgvec always

Signed-off-by: Jason A. Donenfeld <ja...@zx2c4.com> Cc: Sabrina Dubroca <s...@queasysnail.net> --- drivers/net/macsec.c | 13 +++-- 1 file changed, 11 insertions(+), 2 deletions(-) diff --git a/drivers/net/macsec.c b/drivers/net/macsec.c index cdc347be68f2..dfcb1e9

[PATCH net-next v9 0/5] skb_to_sgvec hardening

nks to feedback from Dave Howells. Jason A. Donenfeld (5): skbuff: return -EMSGSIZE in skb_to_sgvec to prevent overflow ipsec: check return value of skb_to_sgvec always rxrpc: check return value of skb_to_sgvec always macsec: check return value of skb_to_sgvec always virtio_net: check ret

[PATCH net-next v9 4/5] macsec: check return value of skb_to_sgvec always

Signed-off-by: Jason A. Donenfeld Cc: Sabrina Dubroca --- drivers/net/macsec.c | 13 +++-- 1 file changed, 11 insertions(+), 2 deletions(-) diff --git a/drivers/net/macsec.c b/drivers/net/macsec.c index cdc347be68f2..dfcb1e9d2ab2 100644 --- a/drivers/net/macsec.c +++ b/drivers/net

[PATCH net-next v9 1/5] skbuff: return -EMSGSIZE in skb_to_sgvec to prevent overflow

ecent MIPS changes that give it a separate IRQ stack, so that I could experience some worst-case situations. I found that limiting it to 24 layers deep yielded a good stack usage with room for safety, as well as being much deeper than any driver actually ever creates. Signed-off-by: Jason A. Don

Re: [PATCH v8 3/5] rxrpc: check return value of skb_to_sgvec always

On Mon, May 15, 2017 at 3:11 PM, David Howells wrote: > skb_to_sgvec() can return -EMSGSIZE in some circumstances. You shouldn't > return -ENOMEM here in such a case. Noted. I'll fix this up for the next round.

Re: [PATCH v8 3/5] rxrpc: check return value of skb_to_sgvec always

On Mon, May 15, 2017 at 3:11 PM, David Howells wrote: > skb_to_sgvec() can return -EMSGSIZE in some circumstances. You shouldn't > return -ENOMEM here in such a case. Noted. I'll fix this up for the next round.

Re: [PATCH v8 1/5] skbuff: return -EMSGSIZE in skb_to_sgvec to prevent overflow

On Mon, May 15, 2017 at 3:12 PM, David Howells wrote: > Is there a reason you moved skb_to_sgvec() in the file rather than just moving > the comment to it (since you moved the comment anyway)? 1) Because it's easier to understand skb_to_sgvec_nomark as a variant of

Re: [PATCH v8 1/5] skbuff: return -EMSGSIZE in skb_to_sgvec to prevent overflow

On Mon, May 15, 2017 at 3:12 PM, David Howells wrote: > Is there a reason you moved skb_to_sgvec() in the file rather than just moving > the comment to it (since you moved the comment anyway)? 1) Because it's easier to understand skb_to_sgvec_nomark as a variant of skb_to_sgvec, so I'd rather

Re: Implementing Dynamic Rerouting in Kernel

On Thu, May 11, 2017 at 6:22 PM, Florian Fainelli wrote: > What you are looking for can be done using ipset-dns from Jason: > > https://git.zx2c4.com/ipset-dns/about/ Funny to see this project coming up. I actually ported this functionality into dnsmasq directly a few weeks

Re: Implementing Dynamic Rerouting in Kernel

On Thu, May 11, 2017 at 6:22 PM, Florian Fainelli wrote: > What you are looking for can be done using ipset-dns from Jason: > > https://git.zx2c4.com/ipset-dns/about/ Funny to see this project coming up. I actually ported this functionality into dnsmasq directly a few weeks after writing

[PATCH v8 5/5] virtio_net: check return value of skb_to_sgvec always

Signed-off-by: Jason A. Donenfeld <ja...@zx2c4.com> Cc: "Michael S. Tsirkin" <m...@redhat.com> Cc: Jason Wang <jasow...@redhat.com> --- drivers/net/virtio_net.c | 9 +++-- 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/drivers/net/virtio_net.c b/dr

[PATCH v8 5/5] virtio_net: check return value of skb_to_sgvec always

Signed-off-by: Jason A. Donenfeld Cc: "Michael S. Tsirkin" Cc: Jason Wang --- drivers/net/virtio_net.c | 9 +++-- 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/drivers/net/virtio_net.c b/drivers/net/virtio_net.c index 9320d96a1632..13fbe4b349c2 100644 --- a/d

[PATCH v8 1/5] skbuff: return -EMSGSIZE in skb_to_sgvec to prevent overflow

ecent MIPS changes that give it a separate IRQ stack, so that I could experience some worst-case situations. I found that limiting it to 24 layers deep yielded a good stack usage with room for safety, as well as being much deeper than any driver actually ever creates. Signed-off-by: Jason A. Don

[PATCH v8 1/5] skbuff: return -EMSGSIZE in skb_to_sgvec to prevent overflow

ecent MIPS changes that give it a separate IRQ stack, so that I could experience some worst-case situations. I found that limiting it to 24 layers deep yielded a good stack usage with room for safety, as well as being much deeper than any driver actually ever creates. Signed-off-by: Jason A. Don

[PATCH v8 3/5] rxrpc: check return value of skb_to_sgvec always

Signed-off-by: Jason A. Donenfeld <ja...@zx2c4.com> Cc: David Howells <dhowe...@redhat.com> --- net/rxrpc/rxkad.c | 13 ++--- 1 file changed, 10 insertions(+), 3 deletions(-) diff --git a/net/rxrpc/rxkad.c b/net/rxrpc/rxkad.c index 1bb9b2ccc267..ecab9334e3c1 100644 ---

[PATCH v8 3/5] rxrpc: check return value of skb_to_sgvec always

Signed-off-by: Jason A. Donenfeld Cc: David Howells --- net/rxrpc/rxkad.c | 13 ++--- 1 file changed, 10 insertions(+), 3 deletions(-) diff --git a/net/rxrpc/rxkad.c b/net/rxrpc/rxkad.c index 1bb9b2ccc267..ecab9334e3c1 100644 --- a/net/rxrpc/rxkad.c +++ b/net/rxrpc/rxkad.c @@ -227,7

[PATCH v8 4/5] macsec: check return value of skb_to_sgvec always

Signed-off-by: Jason A. Donenfeld <ja...@zx2c4.com> Cc: Sabrina Dubroca <s...@queasysnail.net> --- drivers/net/macsec.c | 13 +++-- 1 file changed, 11 insertions(+), 2 deletions(-) diff --git a/drivers/net/macsec.c b/drivers/net/macsec.c index cdc347be68f2..dfcb1e9

[PATCH v8 4/5] macsec: check return value of skb_to_sgvec always

Signed-off-by: Jason A. Donenfeld Cc: Sabrina Dubroca --- drivers/net/macsec.c | 13 +++-- 1 file changed, 11 insertions(+), 2 deletions(-) diff --git a/drivers/net/macsec.c b/drivers/net/macsec.c index cdc347be68f2..dfcb1e9d2ab2 100644 --- a/drivers/net/macsec.c +++ b/drivers/net

[PATCH v8 2/5] ipsec: check return value of skb_to_sgvec always

Signed-off-by: Jason A. Donenfeld <ja...@zx2c4.com> Cc: Steffen Klassert <steffen.klass...@secunet.com> Cc: Herbert Xu <herb...@gondor.apana.org.au> Cc: "David S. Miller" <da...@davemloft.net> --- net/ipv4/ah4.c | 8 ++-- net/ipv4/esp4.c | 20

[PATCH v8 2/5] ipsec: check return value of skb_to_sgvec always

Signed-off-by: Jason A. Donenfeld Cc: Steffen Klassert Cc: Herbert Xu Cc: "David S. Miller" --- net/ipv4/ah4.c | 8 ++-- net/ipv4/esp4.c | 20 +--- net/ipv6/ah6.c | 8 ++-- net/ipv6/esp6.c | 20 +--- 4 files changed, 38 insertions(+), 18

[PATCH v8 0/5] skb_to_sgvec hardening

ion. - Rebased against latest upstream ipsec changes. Jason A. Donenfeld (5): skbuff: return -EMSGSIZE in skb_to_sgvec to prevent overflow ipsec: check return value of skb_to_sgvec always rxrpc: check return value of skb_to_sgvec always macsec: check return value of skb_to_sgvec always virtio_

[PATCH v8 0/5] skb_to_sgvec hardening

ion. - Rebased against latest upstream ipsec changes. Jason A. Donenfeld (5): skbuff: return -EMSGSIZE in skb_to_sgvec to prevent overflow ipsec: check return value of skb_to_sgvec always rxrpc: check return value of skb_to_sgvec always macsec: check return value of skb_to_sgvec always virtio_

Re: [PATCH v7 5/5] virtio_net: check return value of skb_to_sgvec always

On Tue, May 9, 2017 at 3:50 PM, Jason A. Donenfeld <ja...@zx2c4.com> wrote: > num_sg = skb_to_sgvec(skb, sq->sg + 1, 0, skb->len) + 1; (The next submission of this will take into account this + 1 here. https://git.zx2c4.com/linux-dev/log/?h=jd/safe-skb-vec )

Re: [PATCH v7 5/5] virtio_net: check return value of skb_to_sgvec always

On Tue, May 9, 2017 at 3:50 PM, Jason A. Donenfeld wrote: > num_sg = skb_to_sgvec(skb, sq->sg + 1, 0, skb->len) + 1; (The next submission of this will take into account this + 1 here. https://git.zx2c4.com/linux-dev/log/?h=jd/safe-skb-vec )

Re: [PATCH v7 2/5] ipsec: check return value of skb_to_sgvec always

(The next submission of this ipsec patch will have this rebased over the latest upstream tree. https://git.zx2c4.com/linux-dev/log/?h=jd/safe-skb-vec )

Re: [PATCH v7 2/5] ipsec: check return value of skb_to_sgvec always

(The next submission of this ipsec patch will have this rebased over the latest upstream tree. https://git.zx2c4.com/linux-dev/log/?h=jd/safe-skb-vec )

Re: [PATCH v7 0/5] skb_to_sgvec hardening

On Tue, May 9, 2017 at 4:03 PM, Johannes Berg wrote: > Perhaps you should add __must_check annotation to the function > prototype(s)? Great idea. I've started doing this in my own code. Wasn't sure how popular it was outside of there, but I'm glad to hear a suggestion

Re: [PATCH v7 0/5] skb_to_sgvec hardening

On Tue, May 9, 2017 at 4:03 PM, Johannes Berg wrote: > Perhaps you should add __must_check annotation to the function > prototype(s)? Great idea. I've started doing this in my own code. Wasn't sure how popular it was outside of there, but I'm glad to hear a suggestion of it now. I'll have this

[PATCH v7 3/5] rxrpc: check return value of skb_to_sgvec always

Signed-off-by: Jason A. Donenfeld <ja...@zx2c4.com> Cc: David Howells <dhowe...@redhat.com> --- net/rxrpc/rxkad.c | 13 ++--- 1 file changed, 10 insertions(+), 3 deletions(-) diff --git a/net/rxrpc/rxkad.c b/net/rxrpc/rxkad.c index 4374e7b9c7bf..486026689448 100644 ---

[PATCH v7 3/5] rxrpc: check return value of skb_to_sgvec always

Signed-off-by: Jason A. Donenfeld Cc: David Howells --- net/rxrpc/rxkad.c | 13 ++--- 1 file changed, 10 insertions(+), 3 deletions(-) diff --git a/net/rxrpc/rxkad.c b/net/rxrpc/rxkad.c index 4374e7b9c7bf..486026689448 100644 --- a/net/rxrpc/rxkad.c +++ b/net/rxrpc/rxkad.c @@ -229,7

[PATCH v7 4/5] macsec: check return value of skb_to_sgvec always

Signed-off-by: Jason A. Donenfeld <ja...@zx2c4.com> Cc: Sabrina Dubroca <s...@queasysnail.net> --- drivers/net/macsec.c | 13 +++-- 1 file changed, 11 insertions(+), 2 deletions(-) diff --git a/drivers/net/macsec.c b/drivers/net/macsec.c index 49ce4e9f4a0f..e022e3f

[PATCH v7 4/5] macsec: check return value of skb_to_sgvec always

Signed-off-by: Jason A. Donenfeld Cc: Sabrina Dubroca --- drivers/net/macsec.c | 13 +++-- 1 file changed, 11 insertions(+), 2 deletions(-) diff --git a/drivers/net/macsec.c b/drivers/net/macsec.c index 49ce4e9f4a0f..e022e3fcd012 100644 --- a/drivers/net/macsec.c +++ b/drivers/net

[PATCH v7 2/5] ipsec: check return value of skb_to_sgvec always

Signed-off-by: Jason A. Donenfeld <ja...@zx2c4.com> Cc: Steffen Klassert <steffen.klass...@secunet.com> Cc: Herbert Xu <herb...@gondor.apana.org.au> Cc: "David S. Miller" <da...@davemloft.net> --- net/ipv4/ah4.c | 8 ++-- net/ipv4/esp4.c | 30

[PATCH v7 5/5] virtio_net: check return value of skb_to_sgvec always

Signed-off-by: Jason A. Donenfeld <ja...@zx2c4.com> Cc: "Michael S. Tsirkin" <m...@redhat.com> Cc: Jason Wang <jasow...@redhat.com> --- drivers/net/virtio_net.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/drivers/net/virtio_net.c b/dr

[PATCH v7 2/5] ipsec: check return value of skb_to_sgvec always

Signed-off-by: Jason A. Donenfeld Cc: Steffen Klassert Cc: Herbert Xu Cc: "David S. Miller" --- net/ipv4/ah4.c | 8 ++-- net/ipv4/esp4.c | 30 -- net/ipv6/ah6.c | 8 ++-- net/ipv6/esp6.c | 31 +-- 4 files c

[PATCH v7 5/5] virtio_net: check return value of skb_to_sgvec always

Signed-off-by: Jason A. Donenfeld Cc: "Michael S. Tsirkin" Cc: Jason Wang --- drivers/net/virtio_net.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/drivers/net/virtio_net.c b/drivers/net/virtio_net.c index f36584616e7d..1709fd0b4bf7 100644 --- a/d

[PATCH v7 0/5] skb_to_sgvec hardening

: 1) When the passed in sglist is too small; and 2) When the passed in skbuff is too deeply nested. So, the first patch in this series handles the issues with skb_to_sgvec directly, and the remaining ones then handle the call sites. Jason A. Donenfeld (5): skbuff: return -EMSGSIZE

[PATCH v7 1/5] skbuff: return -EMSGSIZE in skb_to_sgvec to prevent overflow

ecent MIPS changes that give it a separate IRQ stack, so that I could experience some worst-case situations. I found that limiting it to 24 layers deep yielded a good stack usage with room for safety, as well as being much deeper than any driver actually ever creates. Signed-off-by: Jason A. Don

[PATCH v7 0/5] skb_to_sgvec hardening

: 1) When the passed in sglist is too small; and 2) When the passed in skbuff is too deeply nested. So, the first patch in this series handles the issues with skb_to_sgvec directly, and the remaining ones then handle the call sites. Jason A. Donenfeld (5): skbuff: return -EMSGSIZE

[PATCH v7 1/5] skbuff: return -EMSGSIZE in skb_to_sgvec to prevent overflow

ecent MIPS changes that give it a separate IRQ stack, so that I could experience some worst-case situations. I found that limiting it to 24 layers deep yielded a good stack usage with room for safety, as well as being much deeper than any driver actually ever creates. Signed-off-by: Jason A. Don

Re: crypto_memneq not backported to 3.10

Hey Willy, On Sun, Apr 9, 2017 at 3:25 PM, Willy Tarreau <w...@1wt.eu> wrote: > > Hi Jason, > > On Sun, Apr 09, 2017 at 02:59:53PM +0200, Jason A. Donenfeld wrote: > > Hey Willy, > > > > Linux 3.10 is inexplicably missing crypto_memneq, making all crypto >

Re: crypto_memneq not backported to 3.10

Hey Willy, On Sun, Apr 9, 2017 at 3:25 PM, Willy Tarreau wrote: > > Hi Jason, > > On Sun, Apr 09, 2017 at 02:59:53PM +0200, Jason A. Donenfeld wrote: > > Hey Willy, > > > > Linux 3.10 is inexplicably missing crypto_memneq, making all crypto > > mac compariso

Re: [PATCH v6 1/5] skbuff: return -EMSGSIZE in skb_to_sgvec to prevent overflow

Hi Sabrina, On Fri, Apr 28, 2017 at 6:18 PM, Sabrina Dubroca wrote: > One small thing here: since you're touching this comment, could you > move it next to skb_to_sgvec, since that's the function it's supposed > to document? Done. I'll wait until next week to resubmit, to

Re: [PATCH v6 1/5] skbuff: return -EMSGSIZE in skb_to_sgvec to prevent overflow

Hi Sabrina, On Fri, Apr 28, 2017 at 6:18 PM, Sabrina Dubroca wrote: > One small thing here: since you're touching this comment, could you > move it next to skb_to_sgvec, since that's the function it's supposed > to document? Done. I'll wait until next week to resubmit, to give some more time

Re: [PATCH v6 3/5] rxrpc: check return value of skb_to_sgvec always

Hi Sabrina, Thanks for the review. On Fri, Apr 28, 2017 at 1:41 PM, Sabrina Dubroca wrote: > > sg_init_table(sg, nsg); > > - skb_to_sgvec(skb, sg, offset, len); > > + if (unlikely(skb_to_sgvec(skb, sg, offset, len) < 0)) > > + goto nomem; > >

Re: [PATCH v6 3/5] rxrpc: check return value of skb_to_sgvec always

Hi Sabrina, Thanks for the review. On Fri, Apr 28, 2017 at 1:41 PM, Sabrina Dubroca wrote: > > sg_init_table(sg, nsg); > > - skb_to_sgvec(skb, sg, offset, len); > > + if (unlikely(skb_to_sgvec(skb, sg, offset, len) < 0)) > > + goto nomem; > > You're leaking sg when nsg

Re: [PATCH v6 1/5] skbuff: return -EMSGSIZE in skb_to_sgvec to prevent overflow

On Thu, Apr 27, 2017 at 1:30 PM, Sabrina Dubroca wrote: > Hmm, I think this can actually happen: Alright, perhaps better to err on the side of caution, then. Jason

Re: [PATCH v6 1/5] skbuff: return -EMSGSIZE in skb_to_sgvec to prevent overflow

On Thu, Apr 27, 2017 at 1:30 PM, Sabrina Dubroca wrote: > Hmm, I think this can actually happen: Alright, perhaps better to err on the side of caution, then. Jason

Re: [PATCH v6 1/5] skbuff: return -EMSGSIZE in skb_to_sgvec to prevent overflow

Hey Dave, David Laight and I have been discussing offlist. It occurred to both of us that this could just be turned into a loop because perhaps this is actually just tail-recursive. Upon further inspection, however, the way the current algorithm works, it's possible that each of the fraglist skbs

Re: [PATCH v6 1/5] skbuff: return -EMSGSIZE in skb_to_sgvec to prevent overflow

Hey Dave, David Laight and I have been discussing offlist. It occurred to both of us that this could just be turned into a loop because perhaps this is actually just tail-recursive. Upon further inspection, however, the way the current algorithm works, it's possible that each of the fraglist skbs

[PATCH v6 3/5] rxrpc: check return value of skb_to_sgvec always

Signed-off-by: Jason A. Donenfeld <ja...@zx2c4.com> --- net/rxrpc/rxkad.c | 10 +++--- 1 file changed, 7 insertions(+), 3 deletions(-) diff --git a/net/rxrpc/rxkad.c b/net/rxrpc/rxkad.c index 4374e7b9c7bf..dcf46c9c3ece 100644 --- a/net/rxrpc/rxkad.c +++ b/net/rxrpc/rxkad.c @@ -229,7

[PATCH v6 3/5] rxrpc: check return value of skb_to_sgvec always

Signed-off-by: Jason A. Donenfeld --- net/rxrpc/rxkad.c | 10 +++--- 1 file changed, 7 insertions(+), 3 deletions(-) diff --git a/net/rxrpc/rxkad.c b/net/rxrpc/rxkad.c index 4374e7b9c7bf..dcf46c9c3ece 100644 --- a/net/rxrpc/rxkad.c +++ b/net/rxrpc/rxkad.c @@ -229,7 +229,9 @@ static int

[PATCH v6 2/5] ipsec: check return value of skb_to_sgvec always

Signed-off-by: Jason A. Donenfeld <ja...@zx2c4.com> --- net/ipv4/ah4.c | 8 ++-- net/ipv4/esp4.c | 30 -- net/ipv6/ah6.c | 8 ++-- net/ipv6/esp6.c | 31 +-- 4 files changed, 53 insertions(+), 24 deletions(-) diff --git

[PATCH v6 5/5] virtio_net: check return value of skb_to_sgvec always

Signed-off-by: Jason A. Donenfeld <ja...@zx2c4.com> --- drivers/net/virtio_net.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/drivers/net/virtio_net.c b/drivers/net/virtio_net.c index f36584616e7d..1709fd0b4bf7 100644 --- a/drivers/net/virtio_net.c +++ b/drive

[PATCH v6 4/5] macsec: check return value of skb_to_sgvec always

Signed-off-by: Jason A. Donenfeld <ja...@zx2c4.com> --- drivers/net/macsec.c | 13 +++-- 1 file changed, 11 insertions(+), 2 deletions(-) diff --git a/drivers/net/macsec.c b/drivers/net/macsec.c index dbab05afcdbe..d846f42b99ec 100644 --- a/drivers/net/macsec.c +++ b/drivers/net/ma

[PATCH v6 2/5] ipsec: check return value of skb_to_sgvec always

Signed-off-by: Jason A. Donenfeld --- net/ipv4/ah4.c | 8 ++-- net/ipv4/esp4.c | 30 -- net/ipv6/ah6.c | 8 ++-- net/ipv6/esp6.c | 31 +-- 4 files changed, 53 insertions(+), 24 deletions(-) diff --git a/net/ipv4/ah4.c b/net

[PATCH v6 5/5] virtio_net: check return value of skb_to_sgvec always

Signed-off-by: Jason A. Donenfeld --- drivers/net/virtio_net.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/drivers/net/virtio_net.c b/drivers/net/virtio_net.c index f36584616e7d..1709fd0b4bf7 100644 --- a/drivers/net/virtio_net.c +++ b/drivers/net/virtio_net.c

[PATCH v6 4/5] macsec: check return value of skb_to_sgvec always

Signed-off-by: Jason A. Donenfeld --- drivers/net/macsec.c | 13 +++-- 1 file changed, 11 insertions(+), 2 deletions(-) diff --git a/drivers/net/macsec.c b/drivers/net/macsec.c index dbab05afcdbe..d846f42b99ec 100644 --- a/drivers/net/macsec.c +++ b/drivers/net/macsec.c @@ -733,7

[PATCH v6 1/5] skbuff: return -EMSGSIZE in skb_to_sgvec to prevent overflow

sily avoid here. Signed-off-by: Jason A. Donenfeld <ja...@zx2c4.com> --- Changes v5->v6: * Use unlikely() for the rare overflow conditions. * Also bound recursion, since this is a potential disaster we can avert. net/core/skbuff.c | 31 --- 1 file cha

[PATCH v6 1/5] skbuff: return -EMSGSIZE in skb_to_sgvec to prevent overflow

sily avoid here. Signed-off-by: Jason A. Donenfeld --- Changes v5->v6: * Use unlikely() for the rare overflow conditions. * Also bound recursion, since this is a potential disaster we can avert. net/core/skbuff.c | 31 --- 1 file changed, 24 insertions(+)

[PATCH v2] macsec: dynamically allocate space for sglist

We call skb_cow_data, which is good anyway to ensure we can actually modify the skb as such (another error from prior). Now that we have the number of fragments required, we can safely allocate exactly that amount of memory. Signed-off-by: Jason A. Donenfeld <ja...@zx2c4.com> Cc: Sabrina D

[PATCH v2] macsec: dynamically allocate space for sglist

We call skb_cow_data, which is good anyway to ensure we can actually modify the skb as such (another error from prior). Now that we have the number of fragments required, we can safely allocate exactly that amount of memory. Signed-off-by: Jason A. Donenfeld Cc: Sabrina Dubroca Cc: secur

[PATCH v5 3/5] rxrpc: check return value of skb_to_sgvec always

Signed-off-by: Jason A. Donenfeld <ja...@zx2c4.com> --- net/rxrpc/rxkad.c | 10 +++--- 1 file changed, 7 insertions(+), 3 deletions(-) diff --git a/net/rxrpc/rxkad.c b/net/rxrpc/rxkad.c index 4374e7b9c7bf..dcf46c9c3ece 100644 --- a/net/rxrpc/rxkad.c +++ b/net/rxrpc/rxkad.c @@ -229,7

[PATCH v5 3/5] rxrpc: check return value of skb_to_sgvec always

Signed-off-by: Jason A. Donenfeld --- net/rxrpc/rxkad.c | 10 +++--- 1 file changed, 7 insertions(+), 3 deletions(-) diff --git a/net/rxrpc/rxkad.c b/net/rxrpc/rxkad.c index 4374e7b9c7bf..dcf46c9c3ece 100644 --- a/net/rxrpc/rxkad.c +++ b/net/rxrpc/rxkad.c @@ -229,7 +229,9 @@ static int

[PATCH v5 4/5] macsec: check return value of skb_to_sgvec always

Signed-off-by: Jason A. Donenfeld <ja...@zx2c4.com> --- drivers/net/macsec.c | 13 +++-- 1 file changed, 11 insertions(+), 2 deletions(-) diff --git a/drivers/net/macsec.c b/drivers/net/macsec.c index dbab05afcdbe..d846f42b99ec 100644 --- a/drivers/net/macsec.c +++ b/drivers/net/ma

[PATCH v5 4/5] macsec: check return value of skb_to_sgvec always

Signed-off-by: Jason A. Donenfeld --- drivers/net/macsec.c | 13 +++-- 1 file changed, 11 insertions(+), 2 deletions(-) diff --git a/drivers/net/macsec.c b/drivers/net/macsec.c index dbab05afcdbe..d846f42b99ec 100644 --- a/drivers/net/macsec.c +++ b/drivers/net/macsec.c @@ -733,7

[PATCH v5 5/5] virtio_net: check return value of skb_to_sgvec always

Signed-off-by: Jason A. Donenfeld <ja...@zx2c4.com> --- drivers/net/virtio_net.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/drivers/net/virtio_net.c b/drivers/net/virtio_net.c index f36584616e7d..1709fd0b4bf7 100644 --- a/drivers/net/virtio_net.c +++ b/drive

[PATCH v5 5/5] virtio_net: check return value of skb_to_sgvec always

Signed-off-by: Jason A. Donenfeld --- drivers/net/virtio_net.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/drivers/net/virtio_net.c b/drivers/net/virtio_net.c index f36584616e7d..1709fd0b4bf7 100644 --- a/drivers/net/virtio_net.c +++ b/drivers/net/virtio_net.c

[PATCH v5 2/5] ipsec: check return value of skb_to_sgvec always

Signed-off-by: Jason A. Donenfeld <ja...@zx2c4.com> --- net/ipv4/ah4.c | 8 ++-- net/ipv4/esp4.c | 30 -- net/ipv6/ah6.c | 8 ++-- net/ipv6/esp6.c | 31 +-- 4 files changed, 53 insertions(+), 24 deletions(-) diff --git

[PATCH v5 1/5] skbuff: return -EMSGSIZE in skb_to_sgvec to prevent overflow

This is a defense-in-depth measure in response to bugs like 4d6fa57b4dab ("macsec: avoid heap overflow in skb_to_sgvec") Signed-off-by: Jason A. Donenfeld <ja...@zx2c4.com> --- This is a resend of v4 with all the other child commits along with it. net/core/skbuff.c | 12

[PATCH v5 2/5] ipsec: check return value of skb_to_sgvec always

Signed-off-by: Jason A. Donenfeld --- net/ipv4/ah4.c | 8 ++-- net/ipv4/esp4.c | 30 -- net/ipv6/ah6.c | 8 ++-- net/ipv6/esp6.c | 31 +-- 4 files changed, 53 insertions(+), 24 deletions(-) diff --git a/net/ipv4/ah4.c b/net

[PATCH v5 1/5] skbuff: return -EMSGSIZE in skb_to_sgvec to prevent overflow

This is a defense-in-depth measure in response to bugs like 4d6fa57b4dab ("macsec: avoid heap overflow in skb_to_sgvec") Signed-off-by: Jason A. Donenfeld --- This is a resend of v4 with all the other child commits along with it. net/core/skbuff.c | 12 +++- 1 file c

[PATCH] macsec: dynamically allocate space for sglist

We call skb_cow_data, which is good anyway to ensure we can actually modify the skb as such (another error from prior). Now that we have the number of fragments required, we can safely allocate exactly that amount of memory. Signed-off-by: Jason A. Donenfeld <ja...@zx2c4.com> Cc: Sabrina D

[PATCH] macsec: dynamically allocate space for sglist

We call skb_cow_data, which is good anyway to ensure we can actually modify the skb as such (another error from prior). Now that we have the number of fragments required, we can safely allocate exactly that amount of memory. Signed-off-by: Jason A. Donenfeld Cc: Sabrina Dubroca Cc: secur

Re: [PATCH] macsec: avoid heap overflow in skb_to_sgvec

On Tue, Apr 25, 2017 at 5:12 PM, Sabrina Dubroca wrote: >> https://patchwork.ozlabs.org/patch/754861/ > > Yes, that prevents the overflow, but now you're just dropping > packets. Right, it's a so-called "defense-in-depth" measure. > I'll review that later, let's fix the

Re: [PATCH] macsec: avoid heap overflow in skb_to_sgvec

On Tue, Apr 25, 2017 at 5:12 PM, Sabrina Dubroca wrote: >> https://patchwork.ozlabs.org/patch/754861/ > > Yes, that prevents the overflow, but now you're just dropping > packets. Right, it's a so-called "defense-in-depth" measure. > I'll review that later, let's fix the overflow without >

Re: [PATCH] macsec: avoid heap overflow in skb_to_sgvec

Hi Sabrina, On Tue, Apr 25, 2017 at 4:53 PM, Sabrina Dubroca wrote: > Ugh, good catch :/ > > AFAICT this patch doesn't really help, because NETIF_F_FRAGLIST > doesn't get tested in paths that can lead to triggering this. You're right. This fixes the xmit() path, but not

Re: [PATCH] macsec: avoid heap overflow in skb_to_sgvec

Hi Sabrina, On Tue, Apr 25, 2017 at 4:53 PM, Sabrina Dubroca wrote: > Ugh, good catch :/ > > AFAICT this patch doesn't really help, because NETIF_F_FRAGLIST > doesn't get tested in paths that can lead to triggering this. You're right. This fixes the xmit() path, but not the receive path, which

[PATCH v4 1/5] skbuff: return -EMSGSIZE in skb_to_sgvec to prevent overflow

This is a defense-in-depth measure in response to bugs like 4d6fa57b4dab ("macsec: avoid heap overflow in skb_to_sgvec") Signed-off-by: Jason A. Donenfeld <ja...@zx2c4.com> --- v4 fixes the commit message and moves the check into the inner-most if. net/core/skbuff.c | 12

[PATCH v4 1/5] skbuff: return -EMSGSIZE in skb_to_sgvec to prevent overflow

This is a defense-in-depth measure in response to bugs like 4d6fa57b4dab ("macsec: avoid heap overflow in skb_to_sgvec") Signed-off-by: Jason A. Donenfeld --- v4 fixes the commit message and moves the check into the inner-most if. net/core/skbuff.c | 12 +++- 1 file c

[PATCH v3 1/5] skbuff: return -EMSGSIZE in skb_to_sgvec to prevent overflow

This is a defense-in-depth measure in response to bugs like 4d6fa57b4dab0d77f4d8e9d9c73d1e63f6fe8fee. Signed-off-by: Jason A. Donenfeld <ja...@zx2c4.com> --- Sorry for the completely stupid amount of churn - v1,v2,v3 in the span of two minutes. It's just that after noticing first that nsg

[PATCH v3 1/5] skbuff: return -EMSGSIZE in skb_to_sgvec to prevent overflow

This is a defense-in-depth measure in response to bugs like 4d6fa57b4dab0d77f4d8e9d9c73d1e63f6fe8fee. Signed-off-by: Jason A. Donenfeld --- Sorry for the completely stupid amount of churn - v1,v2,v3 in the span of two minutes. It's just that after noticing first that nsg needs to be checked, I

[PATCH v2 1/5] skbuff: return -EMSGSIZE in skb_to_sgvec to prevent overflow

This is a defense-in-depth measure in response to bugs like 4d6fa57b4dab0d77f4d8e9d9c73d1e63f6fe8fee. Signed-off-by: Jason A. Donenfeld <ja...@zx2c4.com> --- net/core/skbuff.c | 13 - 1 file changed, 12 insertions(+), 1 deletion(-) diff --git a/net/core/skbuff.c b/net/core/sk

[PATCH v2 1/5] skbuff: return -EMSGSIZE in skb_to_sgvec to prevent overflow

This is a defense-in-depth measure in response to bugs like 4d6fa57b4dab0d77f4d8e9d9c73d1e63f6fe8fee. Signed-off-by: Jason A. Donenfeld --- net/core/skbuff.c | 13 - 1 file changed, 12 insertions(+), 1 deletion(-) diff --git a/net/core/skbuff.c b/net/core/skbuff.c index

[PATCH 4/5] macsec: check return value of skb_to_sgvec always

Signed-off-by: Jason A. Donenfeld <ja...@zx2c4.com> --- drivers/net/macsec.c | 13 +++-- 1 file changed, 11 insertions(+), 2 deletions(-) diff --git a/drivers/net/macsec.c b/drivers/net/macsec.c index dbab05afcdbe..d846f42b99ec 100644 --- a/drivers/net/macsec.c +++ b/drivers/net/ma

[PATCH 2/5] ipsec: check return value of skb_to_sgvec always

Signed-off-by: Jason A. Donenfeld <ja...@zx2c4.com> --- net/ipv4/ah4.c | 8 ++-- net/ipv4/esp4.c | 30 -- net/ipv6/ah6.c | 8 ++-- net/ipv6/esp6.c | 31 +-- 4 files changed, 53 insertions(+), 24 deletions(-) diff --git

[PATCH 4/5] macsec: check return value of skb_to_sgvec always

Signed-off-by: Jason A. Donenfeld --- drivers/net/macsec.c | 13 +++-- 1 file changed, 11 insertions(+), 2 deletions(-) diff --git a/drivers/net/macsec.c b/drivers/net/macsec.c index dbab05afcdbe..d846f42b99ec 100644 --- a/drivers/net/macsec.c +++ b/drivers/net/macsec.c @@ -733,7

[PATCH 2/5] ipsec: check return value of skb_to_sgvec always

Signed-off-by: Jason A. Donenfeld --- net/ipv4/ah4.c | 8 ++-- net/ipv4/esp4.c | 30 -- net/ipv6/ah6.c | 8 ++-- net/ipv6/esp6.c | 31 +-- 4 files changed, 53 insertions(+), 24 deletions(-) diff --git a/net/ipv4/ah4.c b/net

[PATCH 3/5] rxrpc: check return value of skb_to_sgvec always

Signed-off-by: Jason A. Donenfeld <ja...@zx2c4.com> --- net/rxrpc/rxkad.c | 10 +++--- 1 file changed, 7 insertions(+), 3 deletions(-) diff --git a/net/rxrpc/rxkad.c b/net/rxrpc/rxkad.c index 4374e7b9c7bf..dcf46c9c3ece 100644 --- a/net/rxrpc/rxkad.c +++ b/net/rxrpc/rxkad.c @@ -229,7

[PATCH 3/5] rxrpc: check return value of skb_to_sgvec always

Signed-off-by: Jason A. Donenfeld --- net/rxrpc/rxkad.c | 10 +++--- 1 file changed, 7 insertions(+), 3 deletions(-) diff --git a/net/rxrpc/rxkad.c b/net/rxrpc/rxkad.c index 4374e7b9c7bf..dcf46c9c3ece 100644 --- a/net/rxrpc/rxkad.c +++ b/net/rxrpc/rxkad.c @@ -229,7 +229,9 @@ static int

[PATCH 5/5] virtio_net: check return value of skb_to_sgvec always

Signed-off-by: Jason A. Donenfeld <ja...@zx2c4.com> --- drivers/net/virtio_net.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/drivers/net/virtio_net.c b/drivers/net/virtio_net.c index f36584616e7d..1709fd0b4bf7 100644 --- a/drivers/net/virtio_net.c +++ b/drive

[PATCH 5/5] virtio_net: check return value of skb_to_sgvec always

Signed-off-by: Jason A. Donenfeld --- drivers/net/virtio_net.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/drivers/net/virtio_net.c b/drivers/net/virtio_net.c index f36584616e7d..1709fd0b4bf7 100644 --- a/drivers/net/virtio_net.c +++ b/drivers/net/virtio_net.c

<    4   5   6   7   8   9   10   11   12   13   >