From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-11.5 required=3.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,HEADER_FROM_DIFFERENT_DOMAINS,INCLUDES_PATCH, MAILING_LIST_MULTI,SIGNED_OFF_BY,SPF_HELO_NONE,SPF_PASS,USER_AGENT_SANE_1 autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id E3B20C433E3 for ; Mon, 27 Jul 2020 11:48:45 +0000 (UTC) Received: from merlin.infradead.org (merlin.infradead.org [205.233.59.134]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPS id AE3072072E for ; Mon, 27 Jul 2020 11:48:45 +0000 (UTC) Authentication-Results: mail.kernel.org; dkim=pass (2048-bit key) header.d=lists.infradead.org header.i=@lists.infradead.org header.b="CjWttMnZ" DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org AE3072072E Authentication-Results: mail.kernel.org; dmarc=none (p=none dis=none) header.from=arm.com Authentication-Results: mail.kernel.org; spf=none smtp.mailfrom=linux-arm-kernel-bounces+linux-arm-kernel=archiver.kernel.org@lists.infradead.org DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=merlin.20170209; h=Sender:Content-Transfer-Encoding: Content-Type:Cc:List-Subscribe:List-Help:List-Post:List-Archive: List-Unsubscribe:List-Id:In-Reply-To:MIME-Version:References:Message-ID: Subject:To:From:Date:Reply-To:Content-ID:Content-Description:Resent-Date: Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Owner; bh=SbueTsYlbEqT8Ve0q1k3DFjPRd2NpxFx0bZAksPuVCA=; b=CjWttMnZsxjU8WGE/zCFtJDG7 UD4grxfYJvnadxA/n6+u8VJYaimbQuWI/nVFJhED3qx1QuqGinAd1mt/aKHTBnWCikF7E57lbXull OrHPo+4wSPnGCxhhCl+n4zIv6MUZmAOY1dBYwk396LdMrpJHlCqkHJE8mVOjqQCoKins0KSfm8LbW DCFmyzyMpTCaNaOEpfI13jJvJOezYrGO3Tal9MaJbvYYHFzhZp6O30FHaLvWCP5nv+uhFXoMR9Z7z twML/u0+jTWE47l8rGKGNkVoq0O9yUnwFUtENEN+/pAdiQ0p72e5L21BbNHjfJ4h1O3PO9QRjgG7J y8EMuMAZA==; Received: from localhost ([::1] helo=merlin.infradead.org) by merlin.infradead.org with esmtp (Exim 4.92.3 #3 (Red Hat Linux)) id 1k01bA-0008IS-L4; Mon, 27 Jul 2020 11:47:16 +0000 Received: from mail.kernel.org ([198.145.29.99]) by merlin.infradead.org with esmtps (Exim 4.92.3 #3 (Red Hat Linux)) id 1k01b8-0008Hm-WE for linux-arm-kernel@lists.infradead.org; Mon, 27 Jul 2020 11:47:15 +0000 Received: from gaia (unknown [95.146.230.158]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPSA id 4C12820714; Mon, 27 Jul 2020 11:47:13 +0000 (UTC) Date: Mon, 27 Jul 2020 12:47:10 +0100 From: Catalin Marinas To: guodeqing Subject: Re: [PATCH,v2] arm64: fix the illegal address access in some cases Message-ID: <20200727114710.GD25400@gaia> References: <1595642886-78334-1-git-send-email-geffrey.guo@huawei.com> MIME-Version: 1.0 Content-Disposition: inline In-Reply-To: <1595642886-78334-1-git-send-email-geffrey.guo@huawei.com> User-Agent: Mutt/1.10.1 (2018-07-13) X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20200727_074715_124690_53F2AAE9 X-CRM114-Status: GOOD ( 21.24 ) X-BeenThere: linux-arm-kernel@lists.infradead.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: will@kernel.org, luke.starrett@broadcom.com, robin.murphy@arm.com, linux-arm-kernel@lists.infradead.org Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: "linux-arm-kernel" Errors-To: linux-arm-kernel-bounces+linux-arm-kernel=archiver.kernel.org@lists.infradead.org On Sat, Jul 25, 2020 at 10:08:06AM +0800, guodeqing wrote: > The ihl value of ip header is smaller than 5 in some cases, if the > ihl value is smaller than 5, then the next code will access the illegal > address, and the system will panic. ip_fast_csum() must be able to handle > any value that could fit in the ihl field of the ip protocol header. > > Here I add the check of the ihl value to solve this problem. > > Fixes: 0e455d8e80aa (arm64: Implement optimised IP checksum helpers) > Signed-off-by: guodeqing > --- > arch/arm64/include/asm/checksum.h | 3 +++ > 1 file changed, 3 insertions(+) > > diff --git a/arch/arm64/include/asm/checksum.h b/arch/arm64/include/asm/checksum.h > index b6f7bc6..5a7d9ac 100644 > --- a/arch/arm64/include/asm/checksum.h > +++ b/arch/arm64/include/asm/checksum.h > @@ -25,6 +25,9 @@ static inline __sum16 ip_fast_csum(const void *iph, unsigned int ihl) > __uint128_t tmp; > u64 sum; > > + if (unlikely(ihl < 5)) > + return 1; > + > tmp = *(const __uint128_t *)iph; > iph += 16; > ihl -= 4; IHL in IPv4 should be at least 5. Do you have a stack trace to show how it got here? Maybe the caller should ensure that the correct size is passed. Thanks. -- Catalin _______________________________________________ linux-arm-kernel mailing list linux-arm-kernel@lists.infradead.org http://lists.infradead.org/mailman/listinfo/linux-arm-kernel