* [PATCH net] atl2: Disable unimplemented scatter/gather feature
@ 2016-04-20 22:23 Ben Hutchings
2016-04-21 19:12 ` David Miller
0 siblings, 1 reply; 2+ messages in thread
From: Ben Hutchings @ 2016-04-20 22:23 UTC (permalink / raw)
To: David Miller; +Cc: netdev, Justin Yackoski
[-- Attachment #1: Type: text/plain, Size: 1462 bytes --]
atl2 includes NETIF_F_SG in hw_features even though it has no support
for non-linear skbs. This bug was originally harmless since the
driver does not claim to implement checksum offload and that used to
be a requirement for SG.
Now that SG and checksum offload are independent features, if you
explicitly enable SG *and* use one of the rare protocols that can use
SG without checkusm offload, this potentially leaks sensitive
information (before you notice that it just isn't working). Therefore
this obscure bug has been designated CVE-2016-2117.
Reported-by: Justin Yackoski <jyackoski@crypto-nite.com>
Signed-off-by: Ben Hutchings <ben@decadent.org.uk>
Fixes: ec5f06156423 ("net: Kill link between CSUM and SG features.")
---
drivers/net/ethernet/atheros/atlx/atl2.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/drivers/net/ethernet/atheros/atlx/atl2.c b/drivers/net/ethernet/atheros/atlx/atl2.c
index 8f76f4558a88..2ff465848b65 100644
--- a/drivers/net/ethernet/atheros/atlx/atl2.c
+++ b/drivers/net/ethernet/atheros/atlx/atl2.c
@@ -1412,7 +1412,7 @@ static int atl2_probe(struct pci_dev *pdev, const struct pci_device_id *ent)
err = -EIO;
- netdev->hw_features = NETIF_F_SG | NETIF_F_HW_VLAN_CTAG_RX;
+ netdev->hw_features = NETIF_F_HW_VLAN_CTAG_RX;
netdev->features |= (NETIF_F_HW_VLAN_CTAG_TX | NETIF_F_HW_VLAN_CTAG_RX);
/* Init PHY as early as possible due to power saving issue */
[-- Attachment #2: Digital signature --]
[-- Type: application/pgp-signature, Size: 811 bytes --]
^ permalink raw reply related [flat|nested] 2+ messages in thread
* Re: [PATCH net] atl2: Disable unimplemented scatter/gather feature
2016-04-20 22:23 [PATCH net] atl2: Disable unimplemented scatter/gather feature Ben Hutchings
@ 2016-04-21 19:12 ` David Miller
0 siblings, 0 replies; 2+ messages in thread
From: David Miller @ 2016-04-21 19:12 UTC (permalink / raw)
To: ben; +Cc: netdev, jyackoski
From: Ben Hutchings <ben@decadent.org.uk>
Date: Wed, 20 Apr 2016 23:23:08 +0100
> atl2 includes NETIF_F_SG in hw_features even though it has no support
> for non-linear skbs. This bug was originally harmless since the
> driver does not claim to implement checksum offload and that used to
> be a requirement for SG.
>
> Now that SG and checksum offload are independent features, if you
> explicitly enable SG *and* use one of the rare protocols that can use
> SG without checkusm offload, this potentially leaks sensitive
> information (before you notice that it just isn't working). Therefore
> this obscure bug has been designated CVE-2016-2117.
>
> Reported-by: Justin Yackoski <jyackoski@crypto-nite.com>
> Signed-off-by: Ben Hutchings <ben@decadent.org.uk>
> Fixes: ec5f06156423 ("net: Kill link between CSUM and SG features.")
Applied and queued up for -stable, thanks.
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2016-04-21 19:12 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2016-04-20 22:23 [PATCH net] atl2: Disable unimplemented scatter/gather feature Ben Hutchings
2016-04-21 19:12 ` David Miller
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.