* [PATCH] xsk: fix out of boundary write in __xsk_rcv_memcpy
@ 2020-04-02 7:52 Li RongQing
2020-04-02 22:20 ` Jonathan Lemon
0 siblings, 1 reply; 5+ messages in thread
From: Li RongQing @ 2020-04-02 7:52 UTC (permalink / raw)
To: netdev, bpf, kevin.laatz, ciara.loftus, bruce.richardson,
jonathan.lemon, daniel
first_len is remainder of first page, if write size is
larger than it, out of page boundary write will happen
Fixes: c05cd3645814 "(xsk: add support to allow unaligned chunk placement)"
Signed-off-by: Li RongQing <lirongqing@baidu.com>
---
net/xdp/xsk.c | 5 +++--
1 file changed, 3 insertions(+), 2 deletions(-)
diff --git a/net/xdp/xsk.c b/net/xdp/xsk.c
index 356f90e4522b..c350108aa38d 100644
--- a/net/xdp/xsk.c
+++ b/net/xdp/xsk.c
@@ -131,8 +131,9 @@ static void __xsk_rcv_memcpy(struct xdp_umem *umem, u64 addr, void *from_buf,
u64 page_start = addr & ~(PAGE_SIZE - 1);
u64 first_len = PAGE_SIZE - (addr - page_start);
- memcpy(to_buf, from_buf, first_len + metalen);
- memcpy(next_pg_addr, from_buf + first_len, len - first_len);
+ memcpy(to_buf, from_buf, first_len);
+ memcpy(next_pg_addr, from_buf + first_len,
+ len + metalen - first_len);
return;
}
--
2.16.2
^ permalink raw reply related [flat|nested] 5+ messages in thread
* Re: [PATCH] xsk: fix out of boundary write in __xsk_rcv_memcpy
2020-04-02 7:52 [PATCH] xsk: fix out of boundary write in __xsk_rcv_memcpy Li RongQing
@ 2020-04-02 22:20 ` Jonathan Lemon
2020-04-03 8:29 ` Björn Töpel
0 siblings, 1 reply; 5+ messages in thread
From: Jonathan Lemon @ 2020-04-02 22:20 UTC (permalink / raw)
To: Li RongQing
Cc: netdev, bpf, kevin.laatz, ciara.loftus, bruce.richardson, daniel
On 2 Apr 2020, at 0:52, Li RongQing wrote:
> first_len is remainder of first page, if write size is
> larger than it, out of page boundary write will happen
>
> Fixes: c05cd3645814 "(xsk: add support to allow unaligned chunk placement)"
> Signed-off-by: Li RongQing <lirongqing@baidu.com>
Acked-by: Jonathan Lemon <jonathan.lemon@gmail.com>
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: [PATCH] xsk: fix out of boundary write in __xsk_rcv_memcpy
2020-04-02 22:20 ` Jonathan Lemon
@ 2020-04-03 8:29 ` Björn Töpel
2020-04-06 20:12 ` Daniel Borkmann
0 siblings, 1 reply; 5+ messages in thread
From: Björn Töpel @ 2020-04-03 8:29 UTC (permalink / raw)
To: Jonathan Lemon
Cc: Li RongQing, Netdev, bpf, Kevin Laatz, Ciara Loftus,
Bruce Richardson, Daniel Borkmann
On Fri, 3 Apr 2020 at 00:22, Jonathan Lemon <jonathan.lemon@gmail.com> wrote:
>
> On 2 Apr 2020, at 0:52, Li RongQing wrote:
>
> > first_len is remainder of first page, if write size is
> > larger than it, out of page boundary write will happen
> >
> > Fixes: c05cd3645814 "(xsk: add support to allow unaligned chunk placement)"
> > Signed-off-by: Li RongQing <lirongqing@baidu.com>
>
> Acked-by: Jonathan Lemon <jonathan.lemon@gmail.com>
Good catch!
Acked-by: Björn Töpel <bjorn.topel@intel.com>
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: [PATCH] xsk: fix out of boundary write in __xsk_rcv_memcpy
2020-04-03 8:29 ` Björn Töpel
@ 2020-04-06 20:12 ` Daniel Borkmann
2020-04-07 4:35 ` Björn Töpel
0 siblings, 1 reply; 5+ messages in thread
From: Daniel Borkmann @ 2020-04-06 20:12 UTC (permalink / raw)
To: Björn Töpel, Jonathan Lemon
Cc: Li RongQing, Netdev, bpf, Kevin Laatz, Ciara Loftus,
Bruce Richardson, magnus.karlsson
On 4/3/20 10:29 AM, Björn Töpel wrote:
> On Fri, 3 Apr 2020 at 00:22, Jonathan Lemon <jonathan.lemon@gmail.com> wrote:
>> On 2 Apr 2020, at 0:52, Li RongQing wrote:
>>
>>> first_len is remainder of first page, if write size is
>>> larger than it, out of page boundary write will happen
>>>
>>> Fixes: c05cd3645814 "(xsk: add support to allow unaligned chunk placement)"
>>> Signed-off-by: Li RongQing <lirongqing@baidu.com>
>>
>> Acked-by: Jonathan Lemon <jonathan.lemon@gmail.com>
>
> Good catch!
> Acked-by: Björn Töpel <bjorn.topel@intel.com>
Applied, thanks!
Björn, Magnus, others, would be really valuable to have a proper kselftest suite
in BPF for covering everything xsk related, including such corner cases as Li fixed
here, wdyt? ;-)
Thanks,
Daniel
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: [PATCH] xsk: fix out of boundary write in __xsk_rcv_memcpy
2020-04-06 20:12 ` Daniel Borkmann
@ 2020-04-07 4:35 ` Björn Töpel
0 siblings, 0 replies; 5+ messages in thread
From: Björn Töpel @ 2020-04-07 4:35 UTC (permalink / raw)
To: Daniel Borkmann
Cc: Jonathan Lemon, Li RongQing, Netdev, bpf, Kevin Laatz,
Ciara Loftus, Bruce Richardson, Karlsson, Magnus
On Mon, 6 Apr 2020 at 22:13, Daniel Borkmann <daniel@iogearbox.net> wrote:
>
> On 4/3/20 10:29 AM, Björn Töpel wrote:
> > On Fri, 3 Apr 2020 at 00:22, Jonathan Lemon <jonathan.lemon@gmail.com> wrote:
> >> On 2 Apr 2020, at 0:52, Li RongQing wrote:
> >>
> >>> first_len is remainder of first page, if write size is
> >>> larger than it, out of page boundary write will happen
> >>>
> >>> Fixes: c05cd3645814 "(xsk: add support to allow unaligned chunk placement)"
> >>> Signed-off-by: Li RongQing <lirongqing@baidu.com>
> >>
> >> Acked-by: Jonathan Lemon <jonathan.lemon@gmail.com>
> >
> > Good catch!
> > Acked-by: Björn Töpel <bjorn.topel@intel.com>
>
> Applied, thanks!
>
> Björn, Magnus, others, would be really valuable to have a proper kselftest suite
> in BPF for covering everything xsk related, including such corner cases as Li fixed
> here, wdyt? ;-)
>
Indeed. It's *very much* overdue. :-(
Björn
> Thanks,
> Daniel
^ permalink raw reply [flat|nested] 5+ messages in thread
end of thread, other threads:[~2020-04-07 4:35 UTC | newest]
Thread overview: 5+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2020-04-02 7:52 [PATCH] xsk: fix out of boundary write in __xsk_rcv_memcpy Li RongQing
2020-04-02 22:20 ` Jonathan Lemon
2020-04-03 8:29 ` Björn Töpel
2020-04-06 20:12 ` Daniel Borkmann
2020-04-07 4:35 ` Björn Töpel
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).