Re: [PATCH net-next] hv_netvsc: Copy packets sent by Hyper-V out of the receive buffer

From: Andrea Parri
Date: Tue Jan 26 2021 - 09:35:37 EST

Next message: Jiri Kosina: "Re: [PATCH 0/2 v2] HID: fix some kernel-doc notations"
Previous message: Pavel Tatashin: "Re: [PATCH v3 1/1] loop: scale loop device by introducing per device lock"
In reply to: Andrea Parri (Microsoft): "[PATCH net-next] hv_netvsc: Copy packets sent by Hyper-V out of the receive buffer"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Tue, Jan 26, 2021 at 12:38:47PM +0100, Andrea Parri (Microsoft) wrote:
> Pointers to receive-buffer packets sent by Hyper-V are used within the
> guest VM. Hyper-V can send packets with erroneous values or modify
> packet fields after they are processed by the guest. To defend against
> these scenarios, copy (sections of) the incoming packet after validating
> their length and offset fields in netvsc_filter_receive(). In this way,
> the packet can no longer be modified by the host.
>
> Reported-by: Juan Vazquez <juvazq@xxxxxxxxxxxxx>
> Signed-off-by: Andrea Parri (Microsoft) <parri.andrea@xxxxxxxxx>
> Cc: "David S. Miller" <davem@xxxxxxxxxxxxx>
> Cc: Jakub Kicinski <kuba@xxxxxxxxxx>
> Cc: netdev@xxxxxxxxxxxxxxx

Please ignore this submission, I'm sending a new version shortly... Sorry for
the hassle.

Andrea

Next message: Jiri Kosina: "Re: [PATCH 0/2 v2] HID: fix some kernel-doc notations"
Previous message: Pavel Tatashin: "Re: [PATCH v3 1/1] loop: scale loop device by introducing per device lock"
In reply to: Andrea Parri (Microsoft): "[PATCH net-next] hv_netvsc: Copy packets sent by Hyper-V out of the receive buffer"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]