[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] [PATCH V4 7/7] xen-netback: don't disconnect frontend when seeing oversize packet

To: Ian Campbell <Ian.Campbell@xxxxxxxxxx>
From: Wei Liu <wei.liu2@xxxxxxxxxx>
Date: Mon, 15 Apr 2013 15:53:20 +0100
Cc: Wei Liu <wei.liu2@xxxxxxxxxx>, Konrad Rzeszutek Wilk <konrad.wilk@xxxxxxxxxx>, "netdev@xxxxxxxxxxxxxxx" <netdev@xxxxxxxxxxxxxxx>, xen-devel <xen-devel@xxxxxxxxxxxxx>, "annie.li@xxxxxxxxxx" <annie.li@xxxxxxxxxx>, William Dauchy <wdauchy@xxxxxxxxx>, "jbeulich@xxxxxxxx" <jbeulich@xxxxxxxx>, David Vrabel <david.vrabel@xxxxxxxxxx>
Delivery-date: Mon, 15 Apr 2013 14:53:39 +0000
List-id: Xen developer discussion <xen-devel.lists.xen.org>

On Mon, Apr 15, 2013 at 10:03:25AM +0100, Ian Campbell wrote:
> On Fri, 2013-04-12 at 18:17 +0100, William Dauchy wrote:
> > On Fri, Apr 12, 2013 at 4:24 PM, Wei Liu <wei.liu2@xxxxxxxxxx> wrote:
> > > Some frontend drivers are sending packets > 64 KiB in length. This length
> > > overflows the length field in the first slot making the following slots 
> > > have
> > > an invalid length.
> > >
> > > Turn this error back into a non-fatal error by dropping the packet. To 
> > > avoid
> > > having the following slots having fatal errors, consume all slots in the
> > > packet.
> > >
> > > This does not reopen the security hole in XSA-39 as if the packet as an
> > > invalid number of slots it will still hit fatal error case.
> > >
> > > Signed-off-by: David Vrabel <david.vrabel@xxxxxxxxxx>
> > > Signed-off-by: Wei Liu <wei.liu2@xxxxxxxxxx>
> > 
> > Maybe this should be tagged for stable? Maybe part of patch 6/7 as
> > well. I had to remove the part which was disabling the device because
> > of issues encountered in stable tree.
> 
> AFAICT the majority of this series (as well as perhaps some of Wei's
> earlier fixes) should be candidates for any stable tree which received
> the XSA-39 security fixes. Wei -- could you enumerate which patches are
> required to fixup the XSA-39 regressions?
> 

Are mechinical fixes such as removing redudent variables / changing log
messages candidates for stable? 1-4 are such kind of fixes.

5-7 are the real meat. If 1-4 are not taken to stable, they will need
small adjustment to apply, which is just trivial.


Wei.

> Ian.
> 

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxx
http://lists.xen.org/xen-devel

Follow-Ups:
- Re: [Xen-devel] [PATCH V4 7/7] xen-netback: don't disconnect frontend when seeing oversize packet
  - From: Ian Campbell
- Re: [Xen-devel] [PATCH V4 7/7] xen-netback: don't disconnect frontend when seeing oversize packet
  - From: Wei Liu

References:
- [Xen-devel] [PATCH V4 0/7] Bundle fixes for Xen netfront / netback
  - From: Wei Liu
- [Xen-devel] [PATCH V4 7/7] xen-netback: don't disconnect frontend when seeing oversize packet
  - From: Wei Liu
- Re: [Xen-devel] [PATCH V4 7/7] xen-netback: don't disconnect frontend when seeing oversize packet
  - From: William Dauchy
- Re: [Xen-devel] [PATCH V4 7/7] xen-netback: don't disconnect frontend when seeing oversize packet
  - From: Ian Campbell

Prev by Date: Re: [Xen-devel] 32-bit PV guests and 168 GB boundary
Next by Date: Re: [Xen-devel] [PATCH v4 1/2] libxl: postpone backend name resolution
Previous by thread: Re: [Xen-devel] [PATCH V4 7/7] xen-netback: don't disconnect frontend when seeing oversize packet
Next by thread: Re: [Xen-devel] [PATCH V4 7/7] xen-netback: don't disconnect frontend when seeing oversize packet
Index(es):
- Date
- Thread

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.