Re: [PATCH net v2] r8169: Fix possible ring buffer corruption on fragmented Tx packets.

From: Heiner Kallweit
Date: Wed May 22 2024 - 01:35:22 EST

Next message: Sameer Pujar: "Re: [RESEND PATCH 1/2] dt-bindings: dma: Add reg-names to nvidia,tegra210-adma"
Previous message: Heiner Kallweit: "Re: linux-next: build failure after merge of the i2c-host tree"
In reply to: Ken Milmore: "[PATCH net v2] r8169: Fix possible ring buffer corruption on fragmented Tx packets."
Next in thread: patchwork-bot+netdevbpf: "Re: [PATCH net v2] r8169: Fix possible ring buffer corruption on fragmented Tx packets."
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 22.05.2024 00:45, Ken Milmore wrote:
> An issue was found on the RTL8125b when transmitting small fragmented
> packets, whereby invalid entries were inserted into the transmit ring
> buffer, subsequently leading to calls to dma_unmap_single() with a null
> address.
>
> This was caused by rtl8169_start_xmit() not noticing changes to nr_frags
> which may occur when small packets are padded (to work around hardware
> quirks) in rtl8169_tso_csum_v2().
>
> To fix this, postpone inspecting nr_frags until after any padding has been
> applied.
>
> Fixes: 9020845fb5d6 ("r8169: improve rtl8169_start_xmit")
> Cc: stable@xxxxxxxxxxxxxxx
> Signed-off-by: Ken Milmore <ken.milmore@xxxxxxxxx>
> ---

Reviewed-by: Heiner Kallweit <hkallweit1@xxxxxxxxx>

Next message: Sameer Pujar: "Re: [RESEND PATCH 1/2] dt-bindings: dma: Add reg-names to nvidia,tegra210-adma"
Previous message: Heiner Kallweit: "Re: linux-next: build failure after merge of the i2c-host tree"
In reply to: Ken Milmore: "[PATCH net v2] r8169: Fix possible ring buffer corruption on fragmented Tx packets."
Next in thread: patchwork-bot+netdevbpf: "Re: [PATCH net v2] r8169: Fix possible ring buffer corruption on fragmented Tx packets."
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]