From nobody Thu May  2 00:10:26 2024
Delivered-To: importer@patchew.org
Received-SPF: pass (zohomail.com: domain of redhat.com designates
 216.205.24.124 as permitted sender) client-ip=216.205.24.124;
 envelope-from=philmd@redhat.com; helo=us-smtp-delivery-124.mimecast.com;
Authentication-Results: mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of redhat.com designates 216.205.24.124 as
 permitted sender)  smtp.mailfrom=philmd@redhat.com;
	dmarc=pass(p=none dis=none)  header.from=redhat.com
ARC-Seal: i=1; a=rsa-sha256; t=1606491935; cv=none;
	d=zohomail.com; s=zohoarc;
	b=MZNlrnpL+k1ZLCLD59/XxQxIIBjj14ndSycrtYDRE8WzwIbXqzcbqzk5pciT9KTUXyNoht6lEg+BQ3lW83ZPO4xnk+3gtjPQQfhm0QH4jN8xlOrOUcg3sOFI18pVUO/CwXbkZUQ77ZMUxBRH0KyUKdNDkOZwYVofcFiI5HNNTVM=
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com;
 s=zohoarc;
	t=1606491935;
 h=Content-Type:Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:MIME-Version:Message-ID:References:Subject:To;
	bh=sd0E8yhPS9sOpXUGXJKqr6MO/jbGaC/7eqQsrFk2V/8=;
	b=LMfoZbKwar2XtW97CVN7Og4XM+NXKjnKQusnqH4T456kssnUwv+VEe991fNqkJTq11Ygqt9qSrf/65zsuHGX2dKa9bBdNPf8VyMzysz0hDZqX8ZLj7gmUSHPLGGL0dvWBh++6ltkMlJ/qvpeqDdvEow9v3FuAziWBImuNi+XcaM=
ARC-Authentication-Results: i=1; mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of redhat.com designates 216.205.24.124 as
 permitted sender)  smtp.mailfrom=philmd@redhat.com;
	dmarc=pass header.from=<philmd@redhat.com> (p=none dis=none)
 header.from=<philmd@redhat.com>
Received: from us-smtp-delivery-124.mimecast.com
 (us-smtp-delivery-124.mimecast.com [216.205.24.124]) by mx.zohomail.com
	with SMTPS id 1606491935434291.98567873958393;
 Fri, 27 Nov 2020 07:45:35 -0800 (PST)
Received: from mail-wm1-f71.google.com (mail-wm1-f71.google.com
 [209.85.128.71]) (Using TLS) by relay.mimecast.com with ESMTP id
 us-mta-157-YOXNDnwOME6_2uAMtiE3Tw-1; Fri, 27 Nov 2020 10:45:32 -0500
Received: by mail-wm1-f71.google.com with SMTP id z16so1349488wma.1
        for <importer@patchew.org>; Fri, 27 Nov 2020 07:45:32 -0800 (PST)
Return-Path: <philmd@redhat.com>
Return-Path: <philmd@redhat.com>
Received: from x1w.redhat.com (111.red-88-21-205.staticip.rima-tde.net.
 [88.21.205.111])
        by smtp.gmail.com with ESMTPSA id
 j8sm15408707wrx.11.2020.11.27.07.45.30
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Fri, 27 Nov 2020 07:45:30 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com;
	s=mimecast20190719; t=1606491934;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding:
	 in-reply-to:in-reply-to:references:references;
	bh=sd0E8yhPS9sOpXUGXJKqr6MO/jbGaC/7eqQsrFk2V/8=;
	b=N1cFpre6U6wJCuTEGGxDlVfwQziauhAcHpY7efdEtcQhw/aRP8XhrJvoO/n4KjaegGkJe+
	CcvgwX53ZZEbmuzZlt2gZf7OXWJ4eeSz9cJ8HBA8mZDYU5ekbDH12Xt5D1zajHTs6Wvq9q
	r5xN0yx/8b7XNdcIVk1WIngb3O9k5DM=
X-MC-Unique: YOXNDnwOME6_2uAMtiE3Tw-1
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20161025;
        h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to
         :references:mime-version:content-transfer-encoding;
        bh=sd0E8yhPS9sOpXUGXJKqr6MO/jbGaC/7eqQsrFk2V/8=;
        b=CA1UDhb0bpO4q/TE1/+6HMsrHODjXANEYuKXpIV5zf0VTAqmlVIKDJitvNXCcNAoEd
         zb+yVjpxYs/lnO+R+vfFr/ZOijSnbTDgbfPseyV4CX3hlwiC03oidnR1EDUyk+LtBHrC
         ijy06SolLbwoZyELg32vr8P6in6UU8QwVgEdUkb3+w7wFLLZN9zl4fu8dsyDoQHWze8f
         vAwzg4Pd5PFE+0ULzDI99BecLDs2nH14CGvDQrICP/UInPvLhTqNxnmPX6a93x4h+O0Y
         Nrc7ruAyLgHq1hXWTvDTq2gLkHlKONGBRNVNTKi1th+qy4ECGJlpJp83MPqjg/5nyWJC
         IoRw==
X-Gm-Message-State: AOAM530NwJ6xy35IMTaizUAaadEvqRovdhN8+PVS3xQ7LVhxGZncgltp
	IYmALNYi3Fl4hnOkD9+i/gV5rc++r2mezbXGL6Vq7aj0Ea0gMuaPs0KjmIOE3o98ceVpirv+L1M
	8dNqVOHywXG//jw==
X-Received: by 2002:a1c:9d4c:: with SMTP id g73mr9692678wme.127.1606491931452;
        Fri, 27 Nov 2020 07:45:31 -0800 (PST)
X-Google-Smtp-Source: 
 ABdhPJyFebGGMlLbTcj0V8Eb5R6XIGIaf06YPw/f/xj1yjINE8v6/Kpwxdp2T3RRMGk8aQBngGL/Sg==
X-Received: by 2002:a1c:9d4c:: with SMTP id g73mr9692656wme.127.1606491931311;
        Fri, 27 Nov 2020 07:45:31 -0800 (PST)
From: =?UTF-8?q?Philippe=20Mathieu-Daud=C3=A9?= <philmd@redhat.com>
To: Jason Wang <jasowang@redhat.com>,
	qemu-devel@nongnu.org
Cc: =?UTF-8?q?Marc-Andr=C3=A9=20Lureau?= <marcandre.lureau@redhat.com>,
	P J P <ppandit@redhat.com>,
	Stefan Hajnoczi <stefanha@redhat.com>,
	"Daniel P . Berrange" <berrange@redhat.com>,
	Peter Maydell <peter.maydell@linaro.org>,
	"Michael S . Tsirkin" <mst@redhat.com>,
	Mauro Matteo Cascella <mcascell@redhat.com>,
	Paolo Bonzini <pbonzini@redhat.com>,
	=?UTF-8?q?Philippe=20Mathieu-Daud=C3=A9?= <philmd@redhat.com>
Subject: [RFC PATCH-for-5.2 1/2] net: Do not accept packets bigger then
 NET_BUFSIZE
Date: Fri, 27 Nov 2020 16:45:23 +0100
Message-Id: <20201127154524.1902024-2-philmd@redhat.com>
X-Mailer: git-send-email 2.26.2
In-Reply-To: <20201127154524.1902024-1-philmd@redhat.com>
References: <20201127154524.1902024-1-philmd@redhat.com>
MIME-Version: 1.0
Authentication-Results: relay.mimecast.com;
	auth=pass smtp.auth=CUSA124A263 smtp.mailfrom=philmd@redhat.com
X-Mimecast-Spam-Score: 0
X-Mimecast-Originator: redhat.com
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable
X-ZohoMail-DKIM: pass (identity @redhat.com)

Do not allow qemu_send_packet*() and qemu_net_queue_send()
functions to accept packets bigger then NET_BUFSIZE.

Signed-off-by: Philippe Mathieu-Daud=C3=A9 <philmd@redhat.com>
---
We have to put a limit somewhere. NET_BUFSIZE is defined as:

 /* Maximum GSO packet size (64k) plus plenty of room for
  * the ethernet and virtio_net headers
  */
 #define NET_BUFSIZE (4096 + 65536)

If we do want to accept bigger packets (i.e. multiple GSO packets
in a IOV), we could use INT32_MAX as limit...
---
 net/net.c   | 4 ++++
 net/queue.c | 4 ++++
 2 files changed, 8 insertions(+)

diff --git a/net/net.c b/net/net.c
index 6a2c3d95670..f29bfac2b11 100644
--- a/net/net.c
+++ b/net/net.c
@@ -644,6 +644,10 @@ static ssize_t qemu_send_packet_async_with_flags(NetCl=
ientState *sender,
     qemu_hexdump(stdout, "net", buf, size);
 #endif
=20
+    if (size > NET_BUFSIZE) {
+        return -1;
+    }
+
     if (sender->link_down || !sender->peer) {
         return size;
     }
diff --git a/net/queue.c b/net/queue.c
index 19e32c80fda..221a1c87961 100644
--- a/net/queue.c
+++ b/net/queue.c
@@ -191,6 +191,10 @@ ssize_t qemu_net_queue_send(NetQueue *queue,
 {
     ssize_t ret;
=20
+    if (size > NET_BUFSIZE) {
+        return -1;
+    }
+
     if (queue->delivering || !qemu_can_send_packet(sender)) {
         qemu_net_queue_append(queue, sender, flags, data, size, sent_cb);
         return 0;
--=20
2.26.2

From nobody Thu May  2 00:10:26 2024
Delivered-To: importer@patchew.org
Received-SPF: pass (zohomail.com: domain of redhat.com designates
 63.128.21.124 as permitted sender) client-ip=63.128.21.124;
 envelope-from=philmd@redhat.com; helo=us-smtp-delivery-124.mimecast.com;
Authentication-Results: mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of redhat.com designates 63.128.21.124 as
 permitted sender)  smtp.mailfrom=philmd@redhat.com;
	dmarc=pass(p=none dis=none)  header.from=redhat.com
ARC-Seal: i=1; a=rsa-sha256; t=1606491940; cv=none;
	d=zohomail.com; s=zohoarc;
	b=GC5zQwl5okihMoj1xOpITHWjL2t2mNKb95hEPqxTLhStRl1JBrfZFRTCm+ATvSNgpfYRVAOX+m4/6nvmsOjjx2OYPKCYZMyFZsw6LoxSPp1RbP3FUYeeAZh5RRfyKTlG0RmEKQk5yIi3R0mUWq2zDdrfrmPCZYReuMF1exOmK8E=
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com;
 s=zohoarc;
	t=1606491940;
 h=Content-Type:Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:MIME-Version:Message-ID:References:Subject:To;
	bh=/jM98+9QzEA24ZSx1+D0MfttLSxhLTxzTuufk7c6+hU=;
	b=mxLqZsdl44THY3LiemmRHgoHfM8ZdX2hFsZU0oRTyWTE3QL4ovdwSOuGwnKW+Aad8Aaqw02/AFXhFQLgxnccw/eJxKvHuDpfOYf8BywtqS4VcvZkMS484cg7OUrUXShUzlKtr1RaZC6jx9BG4dNtL+AyilLHoQEcrHXfDA89Pn8=
ARC-Authentication-Results: i=1; mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of redhat.com designates 63.128.21.124 as
 permitted sender)  smtp.mailfrom=philmd@redhat.com;
	dmarc=pass header.from=<philmd@redhat.com> (p=none dis=none)
 header.from=<philmd@redhat.com>
Received: from us-smtp-delivery-124.mimecast.com
 (us-smtp-delivery-124.mimecast.com [63.128.21.124]) by mx.zohomail.com
	with SMTPS id 1606491940680928.7432431416867;
 Fri, 27 Nov 2020 07:45:40 -0800 (PST)
Received: from mail-wr1-f70.google.com (mail-wr1-f70.google.com
 [209.85.221.70]) (Using TLS) by relay.mimecast.com with ESMTP id
 us-mta-74-LlLVjNncMVmNpDayj6axlQ-1; Fri, 27 Nov 2020 10:45:37 -0500
Received: by mail-wr1-f70.google.com with SMTP id n13so3635233wrs.10
        for <importer@patchew.org>; Fri, 27 Nov 2020 07:45:37 -0800 (PST)
Return-Path: <philmd@redhat.com>
Return-Path: <philmd@redhat.com>
Received: from x1w.redhat.com (111.red-88-21-205.staticip.rima-tde.net.
 [88.21.205.111])
        by smtp.gmail.com with ESMTPSA id
 o134sm2399780wme.6.2020.11.27.07.45.35
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Fri, 27 Nov 2020 07:45:35 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com;
	s=mimecast20190719; t=1606491939;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding:
	 in-reply-to:in-reply-to:references:references;
	bh=/jM98+9QzEA24ZSx1+D0MfttLSxhLTxzTuufk7c6+hU=;
	b=CtcOVZH+zT+E00ss1AaoqB1Bi462j4O4XF5P3p5RG/Fch07pa4UeDJJmsHzOux+OLmpaDp
	IolVGC2vQVAt13Hn7XJj+U7M1O4sKegvhUMLA721IRC+P/5AlC4Gs1/EwHQ3xqhF6xltnz
	doGXQJHvctNxb/+XnabwDdipdul1HFs=
X-MC-Unique: LlLVjNncMVmNpDayj6axlQ-1
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20161025;
        h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to
         :references:mime-version:content-transfer-encoding;
        bh=/jM98+9QzEA24ZSx1+D0MfttLSxhLTxzTuufk7c6+hU=;
        b=KUdlFV5gxBZ87kp6XtjwlJAvqXd5ruQcJEOMb4PqtxyWQpADFXfbhY7NdSnKuhGOUV
         QC4qzXQUhqHg/VPFDWt6+uO1iXXhuiLiXcIlfhYeVCQk5GmjF4G5M0h7676ttLtb/p42
         flrrO3qmH2jqohz5YmoIYGbkKpLsJuCcqCmUobHW1WQ+C+Pe0XZMAxh8etIjWrxG9Q+5
         nFTnNciQKw+06j7FeSiiEmg6f0uPYFfzHASWIK51QzpjVdAlOFOZMdEHA4bXqF6KrBk7
         UN2VhmFhxv2/j2iZVHUXuh4JBT+xYNyK/3Gy+o19iwArxAMkQL+lf1MMESFWhuDcaAa/
         Q2Yg==
X-Gm-Message-State: AOAM530Zb47SZudT8hG2YoVEUrdrINPQ0NID1UPBtU1u3jYLqRfn3mhn
	9gXCxeiswYexpFI4STFuIqnwQNP/wz9vbyvj1Yrox8SB+KGd4DgxH38VmV+T9fS6NSAzeqTIfJb
	h2ekcGa8SyWg0aw==
X-Received: by 2002:a1c:6609:: with SMTP id a9mr4204703wmc.32.1606491936559;
        Fri, 27 Nov 2020 07:45:36 -0800 (PST)
X-Google-Smtp-Source: 
 ABdhPJwc96KWGczHRzr0LTxPFYU0BHNEdAWXpJh6B2YiZdz+mbVa15jP12d9q1Aeo0uTzmBIxmFamA==
X-Received: by 2002:a1c:6609:: with SMTP id a9mr4204676wmc.32.1606491936366;
        Fri, 27 Nov 2020 07:45:36 -0800 (PST)
From: =?UTF-8?q?Philippe=20Mathieu-Daud=C3=A9?= <philmd@redhat.com>
To: Jason Wang <jasowang@redhat.com>,
	qemu-devel@nongnu.org
Cc: =?UTF-8?q?Marc-Andr=C3=A9=20Lureau?= <marcandre.lureau@redhat.com>,
	P J P <ppandit@redhat.com>,
	Stefan Hajnoczi <stefanha@redhat.com>,
	"Daniel P . Berrange" <berrange@redhat.com>,
	Peter Maydell <peter.maydell@linaro.org>,
	"Michael S . Tsirkin" <mst@redhat.com>,
	Mauro Matteo Cascella <mcascell@redhat.com>,
	Paolo Bonzini <pbonzini@redhat.com>,
	=?UTF-8?q?Philippe=20Mathieu-Daud=C3=A9?= <philmd@redhat.com>
Subject: [RFC PATCH-for-5.2 2/2] net: Assert no packet bigger than NET_BUFSIZE
 is queued
Date: Fri, 27 Nov 2020 16:45:24 +0100
Message-Id: <20201127154524.1902024-3-philmd@redhat.com>
X-Mailer: git-send-email 2.26.2
In-Reply-To: <20201127154524.1902024-1-philmd@redhat.com>
References: <20201127154524.1902024-1-philmd@redhat.com>
MIME-Version: 1.0
Authentication-Results: relay.mimecast.com;
	auth=pass smtp.auth=CUSA124A263 smtp.mailfrom=philmd@redhat.com
X-Mimecast-Spam-Score: 0
X-Mimecast-Originator: redhat.com
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable
X-ZohoMail-DKIM: pass (identity @redhat.com)

Ensure no packet bigger then NET_BUFSIZE is queued via
qemu_net_queue_append*() by adding assertions.

Signed-off-by: Philippe Mathieu-Daud=C3=A9 <philmd@redhat.com>
---
 net/queue.c | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/net/queue.c b/net/queue.c
index 221a1c87961..94b98b19ef9 100644
--- a/net/queue.c
+++ b/net/queue.c
@@ -102,6 +102,8 @@ static void qemu_net_queue_append(NetQueue *queue,
     if (queue->nq_count >=3D queue->nq_maxlen && !sent_cb) {
         return; /* drop if queue full and no callback */
     }
+
+    assert(size <=3D NET_BUFSIZE);
     packet =3D g_malloc(sizeof(NetPacket) + size);
     packet->sender =3D sender;
     packet->flags =3D flags;
@@ -131,6 +133,7 @@ void qemu_net_queue_append_iov(NetQueue *queue,
         max_len +=3D iov[i].iov_len;
     }
=20
+    assert(max_len <=3D NET_BUFSIZE);
     packet =3D g_malloc(sizeof(NetPacket) + max_len);
     packet->sender =3D sender;
     packet->sent_cb =3D sent_cb;
--=20
2.26.2