From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
To: linux-kernel@vger.kernel.org
Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
stable@vger.kernel.org, "Huang, Xiong" <xiong@qca.qualcomm.com>,
Eric Dumazet <eric.dumazet@gmail.com>,
Hannes Frederic Sowa <hannes@stressinduktion.org>,
"David S. Miller" <davem@davemloft.net>
Subject: [ 07/30] atl1e: limit gso segment size to prevent generation of wrong ip length fields
Date: Mon, 29 Apr 2013 12:02:31 -0700 [thread overview]
Message-ID: <20130429184356.147563489@linuxfoundation.org> (raw)
In-Reply-To: <20130429184355.299556377@linuxfoundation.org>
3.0-stable review patch. If anyone has any objections, please let me know.
------------------
From: Hannes Frederic Sowa <hannes@stressinduktion.org>
[ Upstream commit 31d1670e73f4911fe401273a8f576edc9c2b5fea ]
The limit of 0x3c00 is taken from the windows driver.
Suggested-by: Huang, Xiong <xiong@qca.qualcomm.com>
Cc: Huang, Xiong <xiong@qca.qualcomm.com>
Cc: Eric Dumazet <eric.dumazet@gmail.com>
Signed-off-by: Hannes Frederic Sowa <hannes@stressinduktion.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
---
drivers/net/atl1e/atl1e.h | 2 +-
drivers/net/atl1e/atl1e_main.c | 1 +
2 files changed, 2 insertions(+), 1 deletion(-)
--- a/drivers/net/atl1e/atl1e.h
+++ b/drivers/net/atl1e/atl1e.h
@@ -186,7 +186,7 @@ struct atl1e_tpd_desc {
/* how about 0x2000 */
#define MAX_TX_BUF_LEN 0x2000
#define MAX_TX_BUF_SHIFT 13
-/*#define MAX_TX_BUF_LEN 0x3000 */
+#define MAX_TSO_SEG_SIZE 0x3c00
/* rrs word 1 bit 0:31 */
#define RRS_RX_CSUM_MASK 0xFFFF
--- a/drivers/net/atl1e/atl1e_main.c
+++ b/drivers/net/atl1e/atl1e_main.c
@@ -2333,6 +2333,7 @@ static int __devinit atl1e_probe(struct
INIT_WORK(&adapter->reset_task, atl1e_reset_task);
INIT_WORK(&adapter->link_chg_task, atl1e_link_chg_task);
+ netif_set_gso_max_size(netdev, MAX_TSO_SEG_SIZE);
err = register_netdev(netdev);
if (err) {
netdev_err(netdev, "register netdevice failed\n");
next prev parent reply other threads:[~2013-04-29 19:02 UTC|newest]
Thread overview: 32+ messages / expand[flat|nested] mbox.gz Atom feed top
2013-04-29 19:02 [ 00/30] 3.0.76-stable review Greg Kroah-Hartman
2013-04-29 19:02 ` [ 01/30] TTY: do not update atime/mtime on read/write Greg Kroah-Hartman
2013-04-29 19:02 ` [ 02/30] TTY: fix atime/mtime regression Greg Kroah-Hartman
2013-04-29 19:02 ` [ 03/30] sparc64: Fix race in TLB batch processing Greg Kroah-Hartman
2013-04-29 19:02 ` [ 04/30] cbq: incorrect processing of high limits Greg Kroah-Hartman
2013-04-29 19:02 ` [ 05/30] net IPv6 : Fix broken IPv6 routing table after loopback down-up Greg Kroah-Hartman
2013-04-29 19:02 ` [ 06/30] net: count hw_addr syncs so that unsync works properly Greg Kroah-Hartman
2013-04-29 19:02 ` Greg Kroah-Hartman [this message]
2013-04-29 19:02 ` [ 08/30] bonding: IFF_BONDING is not stripped on enslave failure Greg Kroah-Hartman
2013-04-29 19:02 ` [ 09/30] af_unix: If we dont care about credentials coallesce all messages Greg Kroah-Hartman
2013-04-29 19:02 ` [ 10/30] netfilter: dont reset nf_trace in nf_reset() Greg Kroah-Hartman
2013-04-29 19:02 ` [ 11/30] rtnetlink: Call nlmsg_parse() with correct header length Greg Kroah-Hartman
2013-04-29 19:02 ` [ 12/30] tcp: incoming connections might use wrong route under synflood Greg Kroah-Hartman
2013-04-29 19:02 ` [ 13/30] esp4: fix error return code in esp_output() Greg Kroah-Hartman
2013-04-29 19:02 ` [ 14/30] net: sctp: sctp_auth_key_put: use kzfree instead of kfree Greg Kroah-Hartman
2013-04-29 19:02 ` [ 15/30] tcp: call tcp_replace_ts_recent() from tcp_ack() Greg Kroah-Hartman
2013-04-29 19:02 ` [ 16/30] net: fix incorrect credentials passing Greg Kroah-Hartman
2013-04-29 19:02 ` [ 17/30] atm: update msg_namelen in vcc_recvmsg() Greg Kroah-Hartman
2013-04-29 19:02 ` [ 18/30] ax25: fix info leak via msg_name in ax25_recvmsg() Greg Kroah-Hartman
2013-04-29 19:02 ` [ 19/30] Bluetooth: fix possible info leak in bt_sock_recvmsg() Greg Kroah-Hartman
2013-04-29 19:02 ` [ 20/30] Bluetooth: RFCOMM - Fix missing msg_namelen update in rfcomm_sock_recvmsg() Greg Kroah-Hartman
2013-04-29 19:02 ` [ 21/30] caif: Fix missing msg_namelen update in caif_seqpkt_recvmsg() Greg Kroah-Hartman
2013-04-29 19:02 ` [ 22/30] irda: Fix missing msg_namelen update in irda_recvmsg_dgram() Greg Kroah-Hartman
2013-04-29 19:02 ` [ 23/30] iucv: Fix missing msg_namelen update in iucv_sock_recvmsg() Greg Kroah-Hartman
2013-04-29 19:02 ` [ 24/30] llc: Fix missing msg_namelen update in llc_ui_recvmsg() Greg Kroah-Hartman
2013-04-29 19:02 ` [ 25/30] netrom: fix info leak via msg_name in nr_recvmsg() Greg Kroah-Hartman
2013-04-29 19:02 ` [ 26/30] rose: fix info leak via msg_name in rose_recvmsg() Greg Kroah-Hartman
2013-04-29 19:02 ` [ 27/30] tipc: fix info leaks via msg_name in recv_msg/recv_stream Greg Kroah-Hartman
2013-04-29 19:02 ` [ 28/30] netrom: fix invalid use of sizeof in nr_recvmsg() Greg Kroah-Hartman
2013-04-29 19:02 ` [ 29/30] net: drop dst before queueing fragments Greg Kroah-Hartman
2013-04-29 19:02 ` [ 30/30] sparc32: support atomic64_t Greg Kroah-Hartman
2013-04-30 1:53 ` [ 00/30] 3.0.76-stable review Shuah Khan
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20130429184356.147563489@linuxfoundation.org \
--to=gregkh@linuxfoundation.org \
--cc=davem@davemloft.net \
--cc=eric.dumazet@gmail.com \
--cc=hannes@stressinduktion.org \
--cc=linux-kernel@vger.kernel.org \
--cc=stable@vger.kernel.org \
--cc=xiong@qca.qualcomm.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox