qiurui
/
Centos-kernel-stream-9
mirror of https://gitlab.com/redhat/centos-stream/src/kernel/centos-stream-9.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

virtio_net: Add hash_key_length check 

JIRA: https://issues.redhat.com/browse/RHEL-68253
CVE: CVE-2024-53082
Upstream: Merged

commit 3f7d9c1964fcd16d02a8a9d4fd6f6cb60c4cc530
Author: Philo Lu <lulie@linux.alibaba.com>
Date:   Mon Nov 4 16:57:04 2024 +0800

    virtio_net: Add hash_key_length check

    Add hash_key_length check in virtnet_probe() to avoid possible out of
    bound errors when setting/reading the hash key.

    Fixes: c7114b1249fa ("drivers/net/virtio_net: Added basic RSS support.")
    Signed-off-by: Philo Lu <lulie@linux.alibaba.com>
    Signed-off-by: Xuan Zhuo <xuanzhuo@linux.alibaba.com>
    Acked-by: Joe Damato <jdamato@fastly.com>
    Acked-by: Michael S. Tsirkin <mst@redhat.com>
    Signed-off-by: Paolo Abeni <pabeni@redhat.com>

Signed-off-by: Jon Maloy <jmaloy@redhat.com>
This commit is contained in:
Jon Maloy 2024-11-25 15:52:58 -05:00
parent 8112ec1a66
commit 525ce2f11c
1 changed files with 6 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
drivers/net/virtio_net.c
View File

@ -4317,6 +4317,12 @@ static int virtnet_probe(struct virtio_device *vdev)
rss_max_indirection_table_length));
vi->rss_key_size =
virtio_cread8(vdev, offsetof(struct virtio_net_config, rss_max_key_size));
if (vi->rss_key_size > VIRTIO_NET_RSS_MAX_KEY_SIZE) {
dev_err(&vdev->dev, "rss_max_key_size=%u exceeds the limit %u.\n",
vi->rss_key_size, VIRTIO_NET_RSS_MAX_KEY_SIZE);
err = -EINVAL;
goto free;
}
vi->rss_hash_types_supported =
virtio_cread32(vdev, offsetof(struct virtio_net_config, supported_hash_types));