Re: [PATCH] gro: check returned skb of napi_frags_skb() against NULL

From: Eric Dumazet
Date: Thu Jul 06 2023 - 09:53:10 EST

Next message: Krzysztof Kozlowski: "Re: [PATCH v3 2/3] dt-bindings: clock: imx8-clock: Add audio clock mux related clock"
Previous message: Krzysztof Kozlowski: "Re: [PATCH v3 1/3] dt-bindings: clock: fsl,imx8-acm: Add audio clock mux support"
In reply to: Kaiyu Zhang: "[PATCH] gro: check returned skb of napi_frags_skb() against NULL"
Next in thread: Eric Dumazet: "Re: [PATCH] gro: check returned skb of napi_frags_skb() against NULL"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Thu, Jul 6, 2023 at 3:08 PM Kaiyu Zhang <squirrel.prog@xxxxxxxxx> wrote:
>
> Some rogue network adapter and their driver pass bad skbs to GRO.
> napi_frags_skb() detects this, drops these bad skbs, and return NULL
> to napi_gro_frags(), which does not check returned skb against NULL
> and access it. This results in a kernel crash.
>
> A better approach to address these bad skbs would be to issue some
> warnings and drop them, which napi_frags_skb() already does, and
> move on without crashing the kernel.
>

Certainly not.

We are not going to try to be nice to buggy drivers.

Please fix the "rogue network adapter" instead.

Next message: Krzysztof Kozlowski: "Re: [PATCH v3 2/3] dt-bindings: clock: imx8-clock: Add audio clock mux related clock"
Previous message: Krzysztof Kozlowski: "Re: [PATCH v3 1/3] dt-bindings: clock: fsl,imx8-acm: Add audio clock mux support"
In reply to: Kaiyu Zhang: "[PATCH] gro: check returned skb of napi_frags_skb() against NULL"
Next in thread: Eric Dumazet: "Re: [PATCH] gro: check returned skb of napi_frags_skb() against NULL"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]