[Xen-changelog] [xen-unstable] [NET]: Update net-gso.patch. Remove net-tso.patch.

[Xen patchbot-unstable <patchbot-unstable@xxxxxxxxxxxxxxxxxxx>]

# HG changeset patch
# User kaf24@xxxxxxxxxxxxxxxxxxxx
# Node ID 17e9daeb2c504389a8de8b5ed814bbe75878dca3
# Parent  c1119ff85f4e50d9071412d48f18e9d925773648
[NET]: Update net-gso.patch. Remove net-tso.patch.

New changeset merged upstream:

    [TCP]: Reset gso_segs if packet is dodgy

    I wasn't paranoid enough in verifying GSO information.  A bogus gso_segs
    could upset drivers as much as a bogus header would.  Let's reset it in
    the per-protocol gso_segment functions.

    I didn't verify gso_size because that can be verified by the source of
    the dodgy packets.

    Signed-off-by: Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx>

Signed-off-by: Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx>
---
 patches/linux-2.6.16.13/net-tso.patch |   23 -----------------------
 patches/linux-2.6.16.13/net-gso.patch |    8 ++------
 2 files changed, 2 insertions(+), 29 deletions(-)

diff -r c1119ff85f4e -r 17e9daeb2c50 patches/linux-2.6.16.13/net-gso.patch
--- a/patches/linux-2.6.16.13/net-gso.patch     Fri Jun 30 14:30:43 2006 +0100
+++ b/patches/linux-2.6.16.13/net-gso.patch     Fri Jun 30 14:41:13 2006 +0100
@@ -2225,7 +2225,7 @@ index d64e2ec..7494823 100644
        err = ipcomp_compress(x, skb);
        iph = skb->nh.iph;
 diff --git a/net/ipv4/tcp.c b/net/ipv4/tcp.c
-index 00aa80e..84130c9 100644
+index 00aa80e..30c81a8 100644
 --- a/net/ipv4/tcp.c
 +++ b/net/ipv4/tcp.c
 @@ -257,6 +257,7 @@ #include <linux/smp_lock.h>
@@ -2281,7 +2281,7 @@ index 00aa80e..84130c9 100644
  
                        from += copy;
                        copied += copy;
-@@ -2026,6 +2021,71 @@ int tcp_getsockopt(struct sock *sk, int 
+@@ -2026,6 +2021,77 @@ int tcp_getsockopt(struct sock *sk, int 
  }
  
  
@@ -2306,12 +2306,18 @@ index 00aa80e..84130c9 100644
 +      if (!pskb_may_pull(skb, thlen))
 +              goto out;
 +
-+      segs = NULL;
-+      if (skb_gso_ok(skb, features | NETIF_F_GSO_ROBUST))
-+              goto out;
-+
 +      oldlen = (u16)~skb->len;
 +      __skb_pull(skb, thlen);
++
++      if (skb_gso_ok(skb, features | NETIF_F_GSO_ROBUST)) {
++              /* Packet is from an untrusted source, reset gso_segs. */
++              int mss = skb_shinfo(skb)->gso_size;
++
++              skb_shinfo(skb)->gso_segs = (skb->len + mss - 1) / mss;
++
++              segs = NULL;
++              goto out;
++      }
 +
 +      segs = skb_segment(skb, features);
 +      if (IS_ERR(segs))
diff -r c1119ff85f4e -r 17e9daeb2c50 patches/linux-2.6.16.13/net-tso.patch
--- a/patches/linux-2.6.16.13/net-tso.patch     Fri Jun 30 14:30:43 2006 +0100
+++ /dev/null   Thu Jan 01 00:00:00 1970 +0000
@@ -1,28 +0,0 @@
-diff --git a/net/ipv4/tcp.c b/net/ipv4/tcp.c
-index 0336422..0bb0ac9 100644
---- a/net/ipv4/tcp.c
-+++ b/net/ipv4/tcp.c
-@@ -2166,13 +2166,19 @@ struct sk_buff *tcp_tso_segment(struct s
-       if (!pskb_may_pull(skb, thlen))
-               goto out;
- 
--      segs = NULL;
--      if (skb_gso_ok(skb, features | NETIF_F_GSO_ROBUST))
--              goto out;
--
-       oldlen = (u16)~skb->len;
-       __skb_pull(skb, thlen);
- 
-+      if (skb_gso_ok(skb, features | NETIF_F_GSO_ROBUST)) {
-+              /* Packet is from an untrusted source, reset gso_segs. */
-+              int mss = skb_shinfo(skb)->gso_size;
-+
-+              skb_shinfo(skb)->gso_segs = (skb->len + mss - 1) / mss;
-+
-+              segs = NULL;
-+              goto out;
-+      }
-+
-       segs = skb_segment(skb, features);
-       if (IS_ERR(segs))
-               goto out;

_______________________________________________
Xen-changelog mailing list
Xen-changelog@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-changelog