From: Jason Wang <jasowang@redhat.com>
To: Stefan Weil <sw@weilnetz.de>,
samuel.thibault@ens-lyon.org, qemu-devel@nongnu.org
Cc: peter.maydell@linaro.org, bmeng.cn@gmail.com, philmd@redhat.com,
crobinso@redhat.com
Subject: Re: [PATCH for 6.0] net: check the existence of peer before trying to pad
Date: Fri, 23 Apr 2021 14:02:53 +0800 [thread overview]
Message-ID: <cad69b02-f423-ee5a-812d-3eef06260176@redhat.com> (raw)
In-Reply-To: <45b74435-2bcd-d6f4-4ada-8d357bd33d4d@weilnetz.de>
在 2021/4/23 下午1:42, Stefan Weil 写道:
> Am 23.04.21 um 05:18 schrieb Jason Wang:
>
>> There could be case that peer is NULL. This can happen when during
>> network device hot-add where net device needs to be added first. So
>> the patch check the existence of peer before trying to do the pad.
>>
>> Fixes: 969e50b61a285 ("net: Pad short frames to minimum size before
>> sending from SLiRP/TAP")
>> Signed-off-by: Jason Wang <jasowang@redhat.com>
>> ---
>> include/net/net.h | 5 +++++
>> net/slirp.c | 2 +-
>> net/tap-win32.c | 2 +-
>> net/tap.c | 2 +-
>> 4 files changed, 8 insertions(+), 3 deletions(-)
>>
>> diff --git a/include/net/net.h b/include/net/net.h
>> index eff24519d2..1ef536d771 100644
>> --- a/include/net/net.h
>> +++ b/include/net/net.h
>> @@ -241,4 +241,9 @@ uint32_t net_crc32_le(const uint8_t *p, int len);
>> .offset = vmstate_offset_macaddr(_state, _field),
> \
>> }
>> +static inline bool net_peer_needs_padding(NetClientState *nc)
>> +{
>> + return nc->peer && !nc->peer->do_not_pad;
>> +}
>> +
>> #endif
>> diff --git a/net/slirp.c b/net/slirp.c
>> index a01a0fccd3..7a4e96db5c 100644
>> --- a/net/slirp.c
>> +++ b/net/slirp.c
>> @@ -119,7 +119,7 @@ static ssize_t net_slirp_send_packet(const void
>> *pkt,size_t pkt_len,
>> uint8_t min_pkt[ETH_ZLEN];
>> size_t min_pktsz = sizeof(min_pkt);
>> - if (!s->nc.peer->do_not_pad) {
>> + if (net_peer_needs_padding(&s->nc)) {
>> if (eth_pad_short_frame(min_pkt, &min_pktsz, pkt, pkt_len)) {
>> pkt = min_pkt;
>> pkt_len = min_pktsz;
>> diff --git a/net/tap-win32.c b/net/tap-win32.c
>> index 897bd18e32..6096972f5d 100644
>> --- a/net/tap-win32.c
>> +++ b/net/tap-win32.c
>> @@ -696,7 +696,7 @@ static void tap_win32_send(void *opaque)
>> if (size > 0) {
>> orig_buf = buf;
>> - if (!s->nc.peer->do_not_pad) {
>> + if (net_peer_needs_padding(&s->nc)) {
>> if (eth_pad_short_frame(min_pkt, &min_pktsz, buf, size)) {
>> buf = min_pkt;
>> size = min_pktsz;
>> diff --git a/net/tap.c b/net/tap.c
>> index 7d53cedaec..820872fde8 100644
>> --- a/net/tap.c
>> +++ b/net/tap.c
>> @@ -203,7 +203,7 @@ static void tap_send(void *opaque)
>> size -= s->host_vnet_hdr_len;
>> }
>> - if (!s->nc.peer->do_not_pad) {
>> + if (net_peer_needs_padding(&s->nc)) {
>> if (eth_pad_short_frame(min_pkt, &min_pktsz, buf, size)) {
>> buf = min_pkt;
>> size = min_pktsz;
>
>
> I assume that you had a test case which triggered that null pointer
> access?
Yes, it's simple to trigger by just adding a tap device and assign an IP
to that.
Thanks
> If yes, than this should indeed be applied before releasing 6.0.
>
> The modification is simple enough for a last minute change.
>
> Reviewed-by: Stefan Weil <sw@weilnetz.de>
>
>
>
>
next prev parent reply other threads:[~2021-04-23 6:03 UTC|newest]
Thread overview: 5+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-04-23 3:18 [PATCH for 6.0] net: check the existence of peer before trying to pad Jason Wang
2021-04-23 3:24 ` Bin Meng
2021-04-23 5:42 ` Stefan Weil
2021-04-23 6:02 ` Jason Wang [this message]
2021-04-23 13:07 ` Peter Maydell
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=cad69b02-f423-ee5a-812d-3eef06260176@redhat.com \
--to=jasowang@redhat.com \
--cc=bmeng.cn@gmail.com \
--cc=crobinso@redhat.com \
--cc=peter.maydell@linaro.org \
--cc=philmd@redhat.com \
--cc=qemu-devel@nongnu.org \
--cc=samuel.thibault@ens-lyon.org \
--cc=sw@weilnetz.de \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).