Lucid CVE-2012-3412

Tim Gardner tim.gardner at canonical.com
Thu Aug 23 20:14:23 UTC 2012


On 08/23/2012 01:24 PM, Herton Ronaldo Krzesinski wrote:
> * patch "net: Allow driver to limit number of GSO segments per skb"
> 
> I think the backport is wrong. On Lucid there is no netif_skb_features,
> but the check shouldn't go inside dev_can_checksum. As far as I
> understand the code changes, the clearing GSO flags in dev->features
> should happen right before netif_needs_gso, and on Lucid netif_needs_gso
> is called from two places instead of one (also on xen-netfront), so may
> be for Lucid the clearing of the feature flags could be done inside
> netif_needs_gso.
> 

You are correct. I didn't look at that one close enough.

> * patch "tcp: Apply device TSO segment limit earlier"
> 
> I didn't paid attention before, but I noticed now that on backports of
> this patch, on tcp_is_cwnd_limited, you are returning a bool on the
> backport while the function was still of int type, shouldn't cause
> problems but looks ugly. It happened on all backports of this patch
> since Precise, so if fixing this here on Lucid, probably should be fixed
> on the others as well (Natty->Precise).
> 

The code is functionally equivalent, and is true to the upstream patch
so I'm inclined to leave it be.

> Also other thing that was not part of the change in the commit upstream,
> and is harmless anyway, is that on tcp_mss_split_point, you change
> "struct tcp_sock *tp" declaration to const. I don't think is a problem
> anyway, but isn't related to the change. It wasn't const in Oneiric and
> earlier.
> 

The upstream prototype is 'const struct tcp_sock *tp', but I think its
benign.

> * patch "sfc: Fix maximum number of TSO segments and minimum TX queue size"
> 
> On this last one, I saw you define new macros,
> EFX_MAX_DMAQ_SIZE/EFX_MIN_DMAQ_SIZE, but they are not used on the
> backport, is that needed? Also EFX_TXQ_SIZE is changed, but doesn't seem
> needed as well on the backport.
> 

EFX_MAX_DMAQ_SIZE/EFX_MIN_DMAQ_SIZE came in with the patch backport and
are indeed unused (and benign).

I changed both EFX_TXQ_SIZE and EFX_RXQ_SIZE to use
EFX_DEFAULT_DMAQ_SIZE so that neither is a magic number.

I've repushed with an update to "net: Allow driver to limit number of
GSO segments per skb"

rtg
-- 
Tim Gardner tim.gardner at canonical.com




More information about the kernel-team mailing list