[PATCH net] net: dpaa: Pad packets to ETH_ZLEN

From: Sean Anderson
Date: Mon Sep 09 2024 - 12:06:34 EST

Next message: Conor Dooley: "Re: [PATCH v2 1/9] dt-bindings: iio: dac: ad3552r: add io-backend property"
Previous message: Simon Horman: "Re: [PATCH net-next v2 08/10] net: netconsole: do not pass userdata up to the tail"
Next in thread: Eric Dumazet: "Re: [PATCH net] net: dpaa: Pad packets to ETH_ZLEN"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

When sending packets under 60 bytes, up to three bytes of the buffer following
the data may be leaked. Avoid this by extending all packets to ETH_ZLEN,
ensuring nothing is leaked in the padding. This bug can be reproduced by
running

$ ping -s 11 destination

Fixes: 9ad1a3749333 ("dpaa_eth: add support for DPAA Ethernet")
Signed-off-by: Sean Anderson <sean.anderson@xxxxxxxxx>
---

drivers/net/ethernet/freescale/dpaa/dpaa_eth.c | 6 ++++++
1 file changed, 6 insertions(+)

diff --git a/drivers/net/ethernet/freescale/dpaa/dpaa_eth.c b/drivers/net/ethernet/freescale/dpaa/dpaa_eth.c
index cfe6b57b1da0..e4e8ee8b7356 100644
--- a/drivers/net/ethernet/freescale/dpaa/dpaa_eth.c
+++ b/drivers/net/ethernet/freescale/dpaa/dpaa_eth.c
@@ -2322,6 +2322,12 @@ dpaa_start_xmit(struct sk_buff *skb, struct net_device *net_dev)
}
#endif

+ /* Packet data is always read as 32-bit words, so zero out any part of
+ * the skb which might be sent if we have to pad the packet
+ */
+ if (__skb_put_padto(skb, ETH_ZLEN, false))
+ goto enomem;
+
if (nonlinear) {
/* Just create a S/G fd based on the skb */
err = skb_to_sg_fd(priv, skb, &fd);
--
2.35.1.1320.gc452695387.dirty

Next message: Conor Dooley: "Re: [PATCH v2 1/9] dt-bindings: iio: dac: ad3552r: add io-backend property"
Previous message: Simon Horman: "Re: [PATCH net-next v2 08/10] net: netconsole: do not pass userdata up to the tail"
Next in thread: Eric Dumazet: "Re: [PATCH net] net: dpaa: Pad packets to ETH_ZLEN"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]