* [Qemu-devel] [PATCH] e1000: Discard oversized packets based on SBP|LPE [not found] <20121205121317.GC6887@stefanha-thinkpad.redhat.com> @ 2012-12-05 18:31 ` Michael Contreras 2012-12-18 13:44 ` Stefan Hajnoczi 0 siblings, 1 reply; 7+ messages in thread From: Michael Contreras @ 2012-12-05 18:31 UTC (permalink / raw) To: qemu-devel Cc: Michael Contreras, Stefan Hajnoczi, Andreas Faerber, Anthony Liguori Discard packets longer than 16384 when !SBP to match the hardware behavior. Signed-off-by: Michael Contreras <michael@inetric.com> --- hw/e1000.c | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/hw/e1000.c b/hw/e1000.c index 5537ad2..e772c8e 100644 --- a/hw/e1000.c +++ b/hw/e1000.c @@ -61,6 +61,8 @@ static int debugflags = DBGBIT(TXERR) | DBGBIT(GENERAL); /* this is the size past which hardware will drop packets when setting LPE=0 */ #define MAXIMUM_ETHERNET_VLAN_SIZE 1522 +/* this is the size past which hardware will drop packets when setting LPE=1 */ +#define MAXIMUM_ETHERNET_LPE_SIZE 16384 /* * HW models: @@ -809,8 +811,9 @@ e1000_receive(NetClientState *nc, const uint8_t *buf, size_t size) } /* Discard oversized packets if !LPE and !SBP. */ - if (size > MAXIMUM_ETHERNET_VLAN_SIZE - && !(s->mac_reg[RCTL] & E1000_RCTL_LPE) + if ((size > MAXIMUM_ETHERNET_LPE_SIZE || + (size > MAXIMUM_ETHERNET_VLAN_SIZE + && !(s->mac_reg[RCTL] & E1000_RCTL_LPE))) && !(s->mac_reg[RCTL] & E1000_RCTL_SBP)) { return size; } -- 1.8.0.1 ^ permalink raw reply related [flat|nested] 7+ messages in thread
* Re: [Qemu-devel] [PATCH] e1000: Discard oversized packets based on SBP|LPE 2012-12-05 18:31 ` [Qemu-devel] [PATCH] e1000: Discard oversized packets based on SBP|LPE Michael Contreras @ 2012-12-18 13:44 ` Stefan Hajnoczi 2012-12-18 16:20 ` Michael Tokarev 0 siblings, 1 reply; 7+ messages in thread From: Stefan Hajnoczi @ 2012-12-18 13:44 UTC (permalink / raw) To: Michael Contreras; +Cc: qemu-devel, Anthony Liguori, Andreas Faerber On Wed, Dec 05, 2012 at 01:31:30PM -0500, Michael Contreras wrote: > Discard packets longer than 16384 when !SBP to match the hardware behavior. > > Signed-off-by: Michael Contreras <michael@inetric.com> > --- > hw/e1000.c | 7 +++++-- > 1 file changed, 5 insertions(+), 2 deletions(-) Thanks, applied to the net tree: https://github.com/stefanha/qemu/commits/net Stefan ^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: [Qemu-devel] [PATCH] e1000: Discard oversized packets based on SBP|LPE 2012-12-18 13:44 ` Stefan Hajnoczi @ 2012-12-18 16:20 ` Michael Tokarev 2012-12-18 16:49 ` Stefan Hajnoczi 0 siblings, 1 reply; 7+ messages in thread From: Michael Tokarev @ 2012-12-18 16:20 UTC (permalink / raw) To: Stefan Hajnoczi Cc: Michael Contreras, qemu-devel, Anthony Liguori, Andreas Faerber On 18.12.2012 17:44, Stefan Hajnoczi wrote: > On Wed, Dec 05, 2012 at 01:31:30PM -0500, Michael Contreras wrote: >> Discard packets longer than 16384 when !SBP to match the hardware behavior. >> >> Signed-off-by: Michael Contreras <michael@inetric.com> >> --- >> hw/e1000.c | 7 +++++-- >> 1 file changed, 5 insertions(+), 2 deletions(-) It looks like another very good candidate for -stable (up to quite some releases of qemu ago), together with the previous similar patch. Isn't it quite a bit security-sensitive too? Thanks, /mjt ^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: [Qemu-devel] [PATCH] e1000: Discard oversized packets based on SBP|LPE 2012-12-18 16:20 ` Michael Tokarev @ 2012-12-18 16:49 ` Stefan Hajnoczi 2012-12-18 17:34 ` Michael Contreras 0 siblings, 1 reply; 7+ messages in thread From: Stefan Hajnoczi @ 2012-12-18 16:49 UTC (permalink / raw) To: Michael Tokarev Cc: Stefan Hajnoczi, Michael Contreras, qemu-stable, qemu-devel, Anthony Liguori, Andreas Faerber On Tue, Dec 18, 2012 at 5:20 PM, Michael Tokarev <mjt@tls.msk.ru> wrote: > On 18.12.2012 17:44, Stefan Hajnoczi wrote: >> On Wed, Dec 05, 2012 at 01:31:30PM -0500, Michael Contreras wrote: >>> Discard packets longer than 16384 when !SBP to match the hardware behavior. >>> >>> Signed-off-by: Michael Contreras <michael@inetric.com> >>> --- >>> hw/e1000.c | 7 +++++-- >>> 1 file changed, 5 insertions(+), 2 deletions(-) > > It looks like another very good candidate for -stable (up to quite some > releases of qemu ago), together with the previous similar patch. Yes, it's good for -stable. Stefan ^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: [Qemu-devel] [PATCH] e1000: Discard oversized packets based on SBP|LPE 2012-12-18 16:49 ` Stefan Hajnoczi @ 2012-12-18 17:34 ` Michael Contreras 2012-12-19 11:42 ` Stefan Hajnoczi 2012-12-30 8:29 ` Michael Tokarev 0 siblings, 2 replies; 7+ messages in thread From: Michael Contreras @ 2012-12-18 17:34 UTC (permalink / raw) To: Stefan Hajnoczi Cc: Stefan Hajnoczi, michael, kangli, Michael Tokarev, qemu-devel, Anthony Liguori, Andreas Faerber On Tue, Dec 18, 2012 at 05:49:16PM +0100, Stefan Hajnoczi wrote: > On Tue, Dec 18, 2012 at 5:20 PM, Michael Tokarev <mjt@tls.msk.ru> wrote: > > On 18.12.2012 17:44, Stefan Hajnoczi wrote: > >> On Wed, Dec 05, 2012 at 01:31:30PM -0500, Michael Contreras wrote: > >>> Discard packets longer than 16384 when !SBP to match the hardware behavior. > >>> > >>> Signed-off-by: Michael Contreras <michael@inetric.com> > >>> --- > >>> hw/e1000.c | 7 +++++-- > >>> 1 file changed, 5 insertions(+), 2 deletions(-) > > > > It looks like another very good candidate for -stable (up to quite some > > releases of qemu ago), together with the previous similar patch. > > Yes, it's good for -stable. > > Stefan Thanks guys. Any update on the CVE number? Seems the KVM qemu git tree still has this vulnerability. Xen has the fix in their qemu unstable git mirror, but hasn't applied it yet either. Michael ^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: [Qemu-devel] [PATCH] e1000: Discard oversized packets based on SBP|LPE 2012-12-18 17:34 ` Michael Contreras @ 2012-12-19 11:42 ` Stefan Hajnoczi 2012-12-30 8:29 ` Michael Tokarev 1 sibling, 0 replies; 7+ messages in thread From: Stefan Hajnoczi @ 2012-12-19 11:42 UTC (permalink / raw) To: Michael Contreras Cc: Stefan Hajnoczi, kangli, Michael Tokarev, qemu-devel, Anthony Liguori, Andreas Faerber On Tue, Dec 18, 2012 at 12:34:22PM -0500, Michael Contreras wrote: > On Tue, Dec 18, 2012 at 05:49:16PM +0100, Stefan Hajnoczi wrote: > > On Tue, Dec 18, 2012 at 5:20 PM, Michael Tokarev <mjt@tls.msk.ru> wrote: > > > On 18.12.2012 17:44, Stefan Hajnoczi wrote: > > >> On Wed, Dec 05, 2012 at 01:31:30PM -0500, Michael Contreras wrote: > > >>> Discard packets longer than 16384 when !SBP to match the hardware behavior. > > >>> > > >>> Signed-off-by: Michael Contreras <michael@inetric.com> > > >>> --- > > >>> hw/e1000.c | 7 +++++-- > > >>> 1 file changed, 5 insertions(+), 2 deletions(-) > > > > > > It looks like another very good candidate for -stable (up to quite some > > > releases of qemu ago), together with the previous similar patch. > > > > Yes, it's good for -stable. > > > > Stefan > > Thanks guys. Any update on the CVE number? Seems the KVM qemu git tree > still has this vulnerability. Xen has the fix in their qemu unstable > git mirror, but hasn't applied it yet either. Your original LPE patch went into QEMU 1.3. qemu-kvm.git is no longer relevant - it has been merged back into qemu.git and has therefore not been updated since October 11. Use qemu.git. Perhaps others can provide info on the CVE and Xen. Stefan ^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: [Qemu-devel] [PATCH] e1000: Discard oversized packets based on SBP|LPE 2012-12-18 17:34 ` Michael Contreras 2012-12-19 11:42 ` Stefan Hajnoczi @ 2012-12-30 8:29 ` Michael Tokarev 1 sibling, 0 replies; 7+ messages in thread From: Michael Tokarev @ 2012-12-30 8:29 UTC (permalink / raw) To: Michael Contreras Cc: Stefan Hajnoczi, kangli, Andreas Faerber, Anthony Liguori, qemu-devel 18.12.2012 21:34, Michael Contreras пишет: > On Tue, Dec 18, 2012 at 05:49:16PM +0100, Stefan Hajnoczi wrote: >> On Tue, Dec 18, 2012 at 5:20 PM, Michael Tokarev <mjt@tls.msk.ru> wrote: >>> On 18.12.2012 17:44, Stefan Hajnoczi wrote: >>>> On Wed, Dec 05, 2012 at 01:31:30PM -0500, Michael Contreras wrote: >>>>> Discard packets longer than 16384 when !SBP to match the hardware behavior. >>>>> >>>>> Signed-off-by: Michael Contreras <michael@inetric.com> >>>>> --- >>>>> hw/e1000.c | 7 +++++-- >>>>> 1 file changed, 5 insertions(+), 2 deletions(-) >>> >>> It looks like another very good candidate for -stable (up to quite some >>> releases of qemu ago), together with the previous similar patch. >> >> Yes, it's good for -stable. >> >> Stefan > > Thanks guys. Any update on the CVE number? Seems the KVM qemu git tree > still has this vulnerability. Xen has the fix in their qemu unstable > git mirror, but hasn't applied it yet either. This issue has been assigned CVE-2012-6075. qemu-kvm does not exist anymore, it is just an internal development tree for qemu, sort of like a subsystem tree - there will be no more qemu-kvm releases. So we care only about qemu (main, older versions, incl. 0.12 and 0.15, are also affected), old qemu-kvm, and xen. CC'ing afaerber for 0.15. Thank you! /mjt ^ permalink raw reply [flat|nested] 7+ messages in thread
end of thread, other threads:[~2012-12-30 8:29 UTC | newest]
Thread overview: 7+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
[not found] <20121205121317.GC6887@stefanha-thinkpad.redhat.com>
2012-12-05 18:31 ` [Qemu-devel] [PATCH] e1000: Discard oversized packets based on SBP|LPE Michael Contreras
2012-12-18 13:44 ` Stefan Hajnoczi
2012-12-18 16:20 ` Michael Tokarev
2012-12-18 16:49 ` Stefan Hajnoczi
2012-12-18 17:34 ` Michael Contreras
2012-12-19 11:42 ` Stefan Hajnoczi
2012-12-30 8:29 ` Michael Tokarev
This is a public inbox, see mirroring instructions for how to clone and mirror all data and code used for this inbox; as well as URLs for NNTP newsgroup(s).