RE: [PATCH net v3 1/1] net: ethernet: lantiq_etop: fix memory disclosure
From: Keller, Jacob E
Date: Mon Sep 23 2024 - 17:54:29 EST
> -----Original Message-----
> From: Aleksander Jan Bajkowski <olek2@xxxxx>
> Sent: Monday, September 23, 2024 2:50 PM
> To: davem@xxxxxxxxxxxxx; edumazet@xxxxxxxxxx; kuba@xxxxxxxxxx;
> pabeni@xxxxxxxxxx; olek2@xxxxx; horms@xxxxxxxxxx; Keller, Jacob E
> <jacob.e.keller@xxxxxxxxx>; john@xxxxxxxxxxx; ralf@xxxxxxxxxxxxxx;
> ralph.hempel@xxxxxxxxxx; netdev@xxxxxxxxxxxxxxx; linux-kernel@xxxxxxxxxxxxxxx
> Subject: [PATCH net v3 1/1] net: ethernet: lantiq_etop: fix memory disclosure
>
> When applying padding, the buffer is not zeroed, which results in memory
> disclosure. The mentioned data is observed on the wire. This patch uses
> skb_put_padto() to pad Ethernet frames properly. The mentioned function
> zeroes the expanded buffer.
>
> In case the packet cannot be padded it is silently dropped. Statistics
> are also not incremented. This driver does not support statistics in the
> old 32-bit format or the new 64-bit format. These will be added in the
> future. In its current form, the patch should be easily backported to
> stable versions.
>
> Ethernet MACs on Amazon-SE and Danube cannot do padding of the packets
> in hardware, so software padding must be applied.
>
> Fixes: 504d4721ee8e ("MIPS: Lantiq: Add ethernet driver")
> Signed-off-by: Aleksander Jan Bajkowski <olek2@xxxxx>
> ---
Reviewed-by: Jacob Keller <jacob.e.keller@xxxxxxxxx>