On 3/5/21 7:26 AM, Jason Wang wrote:
> Hi All:
>
> Followed by commit 22dc8663d9 ("net: forbid the reentrant RX"), we
> still need to fix the issues casued by loopback mode where the NIC
> usually it via calling nc->info->receive() directly.
>
> The fix is to introduce new network helper and check the
> queue->delivering.
>
> This series addresses CVE-2021-3416.
>
> Thanks
>
> Changes since V3:
> - clarify CVE number in the commit log
> - ident fix
>
> Changes since V2:
> - add more fixes from Alexander
>
> Changes since V1:
>
> - Fix dp8393x compiling
> - Add rtl8139 fix
> - Tweak the commit log
> - Silent patchew warning
>
> Alexander Bulekov (4):
> rtl8139: switch to use qemu_receive_packet() for loopback
> pcnet: switch to use qemu_receive_packet() for loopback
> cadence_gem: switch to use qemu_receive_packet() for loopback
> lan9118: switch to use qemu_receive_packet() for loopback
>
> Jason Wang (6):
> net: introduce qemu_receive_packet()
> e1000: switch to use qemu_receive_packet() for loopback
> dp8393x: switch to use qemu_receive_packet() for loopback packet
> msf2-mac: switch to use qemu_receive_packet() for loopback
> sungem: switch to use qemu_receive_packet() for loopback
> tx_pkt: switch to use qemu_receive_packet_iov() for loopback
>
> hw/net/cadence_gem.c | 4 ++--
> hw/net/dp8393x.c | 2 +-
> hw/net/e1000.c | 2 +-
> hw/net/lan9118.c | 2 +-
> hw/net/msf2-emac.c | 2 +-
> hw/net/net_tx_pkt.c | 2 +-
> hw/net/pcnet.c | 2 +-
> hw/net/rtl8139.c | 2 +-
> hw/net/sungem.c | 2 +-
> include/net/net.h | 5 +++++
> include/net/queue.h | 8 ++++++++
> net/net.c | 38 +++++++++++++++++++++++++++++++-------
> net/queue.c | 22 ++++++++++++++++++++++
> 13 files changed, 76 insertions(+), 17 deletions(-)
>
LGTM, maybe worth adding the "Cc: [email protected]" tag
when applying.
