On 7/26/24 15:52, Willem de Bruijn wrote:
On Fri, Jul 26, 2024 at 4:23 AM Paolo Abeni <pabeni@xxxxxxxxxx> wrote:
On 7/26/24 04:32, Willem de Bruijn wrot> @@ -182,6 +171,11 @@ static
inline int virtio_net_hdr_to_skb(struct sk_buff *skb,
if (gso_type != SKB_GSO_UDP_L4)
return -EINVAL;
break;
+ case SKB_GSO_TCPV4:
+ case SKB_GSO_TCPV6:
I think we need to add here an additional check:
if (!(hdr->flags & VIRTIO_NET_HDR_F_NEEDS_CSUM))
return -EINVAL;
Historically this interface has been able to request
VIRTIO_NET_HDR_GSO_* without VIRTIO_NET_HDR_F_NEEDS_CSUM.
I see. I looked at the SKB_GSO_UDP_L4 case, but I did not dig into history.
I would love to clamp down on this, as those packets are essentially
illegal. But we should probably leave that discussion for a separate
patch?
Yep, I guess we have to keep the two discussion separate.
As a consequence, I'm fine with the current checks (with Eric's
suggested changes).
Thanks,
Paolo
