|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [Xen-devel] [NET] back: Copy tx_ring data before verification
On 11/10/06 10:46, "Herbert Xu" <herbert@xxxxxxxxxxxxxxxxxxx> wrote: > This patch fixes a potential security problem should the > frontend attempt to change the tx_ring entries under us. > > [NET] back: Copy tx_ring data before verification > > We need to make a copy of data from tx_ring before > verifying them as otherwise what we end up using may > be different from what was verified. I would very much like to take this patch, but right now it does not work! # scp bigfile remotehost:/tmp/. Disconnecting: Bad packet length 1349676916. Write failed: Connection reset by peer lost connection This is with your patch applied on xen-unstable 11748:af1aa35265eb. The scp is happening from a PV guest running Centos4 and no special networking options (e.g., *not* using the rx-copy path, although the bug is reproducible either way). TSO etc are all enabled (since they are defaults). -- Keir _______________________________________________ Xen-devel mailing list Xen-devel@xxxxxxxxxxxxxxxxxxx http://lists.xensource.com/xen-devel
|
 |
Lists.xenproject.org is hosted with RackSpace, monitoring our |