include/net/net.h | 5 +++++ net/slirp.c | 2 +- net/tap-win32.c | 2 +- net/tap.c | 2 +- 4 files changed, 8 insertions(+), 3 deletions(-)
There could be case that peer is NULL. This can happen when during
network device hot-add where net device needs to be added first. So
the patch check the existence of peer before trying to do the pad.
Fixes: 969e50b61a285 ("net: Pad short frames to minimum size before sending from SLiRP/TAP")
Signed-off-by: Jason Wang <jasowang@redhat.com>
---
include/net/net.h | 5 +++++
net/slirp.c | 2 +-
net/tap-win32.c | 2 +-
net/tap.c | 2 +-
4 files changed, 8 insertions(+), 3 deletions(-)
diff --git a/include/net/net.h b/include/net/net.h
index eff24519d2..1ef536d771 100644
--- a/include/net/net.h
+++ b/include/net/net.h
@@ -241,4 +241,9 @@ uint32_t net_crc32_le(const uint8_t *p, int len);
.offset = vmstate_offset_macaddr(_state, _field), \
}
+static inline bool net_peer_needs_padding(NetClientState *nc)
+{
+ return nc->peer && !nc->peer->do_not_pad;
+}
+
#endif
diff --git a/net/slirp.c b/net/slirp.c
index a01a0fccd3..7a4e96db5c 100644
--- a/net/slirp.c
+++ b/net/slirp.c
@@ -119,7 +119,7 @@ static ssize_t net_slirp_send_packet(const void *pkt, size_t pkt_len,
uint8_t min_pkt[ETH_ZLEN];
size_t min_pktsz = sizeof(min_pkt);
- if (!s->nc.peer->do_not_pad) {
+ if (net_peer_needs_padding(&s->nc)) {
if (eth_pad_short_frame(min_pkt, &min_pktsz, pkt, pkt_len)) {
pkt = min_pkt;
pkt_len = min_pktsz;
diff --git a/net/tap-win32.c b/net/tap-win32.c
index 897bd18e32..6096972f5d 100644
--- a/net/tap-win32.c
+++ b/net/tap-win32.c
@@ -696,7 +696,7 @@ static void tap_win32_send(void *opaque)
if (size > 0) {
orig_buf = buf;
- if (!s->nc.peer->do_not_pad) {
+ if (net_peer_needs_padding(&s->nc)) {
if (eth_pad_short_frame(min_pkt, &min_pktsz, buf, size)) {
buf = min_pkt;
size = min_pktsz;
diff --git a/net/tap.c b/net/tap.c
index 7d53cedaec..820872fde8 100644
--- a/net/tap.c
+++ b/net/tap.c
@@ -203,7 +203,7 @@ static void tap_send(void *opaque)
size -= s->host_vnet_hdr_len;
}
- if (!s->nc.peer->do_not_pad) {
+ if (net_peer_needs_padding(&s->nc)) {
if (eth_pad_short_frame(min_pkt, &min_pktsz, buf, size)) {
buf = min_pkt;
size = min_pktsz;
--
2.25.1
On Fri, Apr 23, 2021 at 11:18 AM Jason Wang <jasowang@redhat.com> wrote: > > There could be case that peer is NULL. This can happen when during > network device hot-add where net device needs to be added first. So > the patch check the existence of peer before trying to do the pad. > > Fixes: 969e50b61a285 ("net: Pad short frames to minimum size before sending from SLiRP/TAP") > Signed-off-by: Jason Wang <jasowang@redhat.com> > --- > include/net/net.h | 5 +++++ > net/slirp.c | 2 +- > net/tap-win32.c | 2 +- > net/tap.c | 2 +- > 4 files changed, 8 insertions(+), 3 deletions(-) > Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
Am 23.04.21 um 05:18 schrieb Jason Wang: > There could be case that peer is NULL. This can happen when during > network device hot-add where net device needs to be added first. So > the patch check the existence of peer before trying to do the pad. > > Fixes: 969e50b61a285 ("net: Pad short frames to minimum size before sending from SLiRP/TAP") > Signed-off-by: Jason Wang <jasowang@redhat.com> > --- > include/net/net.h | 5 +++++ > net/slirp.c | 2 +- > net/tap-win32.c | 2 +- > net/tap.c | 2 +- > 4 files changed, 8 insertions(+), 3 deletions(-) > > diff --git a/include/net/net.h b/include/net/net.h > index eff24519d2..1ef536d771 100644 > --- a/include/net/net.h > +++ b/include/net/net.h > @@ -241,4 +241,9 @@ uint32_t net_crc32_le(const uint8_t *p, int len); > .offset = vmstate_offset_macaddr(_state, _field), \ > } > > +static inline bool net_peer_needs_padding(NetClientState *nc) > +{ > + return nc->peer && !nc->peer->do_not_pad; > +} > + > #endif > diff --git a/net/slirp.c b/net/slirp.c > index a01a0fccd3..7a4e96db5c 100644 > --- a/net/slirp.c > +++ b/net/slirp.c > @@ -119,7 +119,7 @@ static ssize_t net_slirp_send_packet(const void *pkt, size_t pkt_len, > uint8_t min_pkt[ETH_ZLEN]; > size_t min_pktsz = sizeof(min_pkt); > > - if (!s->nc.peer->do_not_pad) { > + if (net_peer_needs_padding(&s->nc)) { > if (eth_pad_short_frame(min_pkt, &min_pktsz, pkt, pkt_len)) { > pkt = min_pkt; > pkt_len = min_pktsz; > diff --git a/net/tap-win32.c b/net/tap-win32.c > index 897bd18e32..6096972f5d 100644 > --- a/net/tap-win32.c > +++ b/net/tap-win32.c > @@ -696,7 +696,7 @@ static void tap_win32_send(void *opaque) > if (size > 0) { > orig_buf = buf; > > - if (!s->nc.peer->do_not_pad) { > + if (net_peer_needs_padding(&s->nc)) { > if (eth_pad_short_frame(min_pkt, &min_pktsz, buf, size)) { > buf = min_pkt; > size = min_pktsz; > diff --git a/net/tap.c b/net/tap.c > index 7d53cedaec..820872fde8 100644 > --- a/net/tap.c > +++ b/net/tap.c > @@ -203,7 +203,7 @@ static void tap_send(void *opaque) > size -= s->host_vnet_hdr_len; > } > > - if (!s->nc.peer->do_not_pad) { > + if (net_peer_needs_padding(&s->nc)) { > if (eth_pad_short_frame(min_pkt, &min_pktsz, buf, size)) { > buf = min_pkt; > size = min_pktsz; I assume that you had a test case which triggered that null pointer access? If yes, than this should indeed be applied before releasing 6.0. The modification is simple enough for a last minute change. Reviewed-by: Stefan Weil <sw@weilnetz.de>
在 2021/4/23 下午1:42, Stefan Weil 写道: > Am 23.04.21 um 05:18 schrieb Jason Wang: > >> There could be case that peer is NULL. This can happen when during >> network device hot-add where net device needs to be added first. So >> the patch check the existence of peer before trying to do the pad. >> >> Fixes: 969e50b61a285 ("net: Pad short frames to minimum size before >> sending from SLiRP/TAP") >> Signed-off-by: Jason Wang <jasowang@redhat.com> >> --- >> include/net/net.h | 5 +++++ >> net/slirp.c | 2 +- >> net/tap-win32.c | 2 +- >> net/tap.c | 2 +- >> 4 files changed, 8 insertions(+), 3 deletions(-) >> >> diff --git a/include/net/net.h b/include/net/net.h >> index eff24519d2..1ef536d771 100644 >> --- a/include/net/net.h >> +++ b/include/net/net.h >> @@ -241,4 +241,9 @@ uint32_t net_crc32_le(const uint8_t *p, int len); >> .offset = vmstate_offset_macaddr(_state, _field), > \ >> } >> +static inline bool net_peer_needs_padding(NetClientState *nc) >> +{ >> + return nc->peer && !nc->peer->do_not_pad; >> +} >> + >> #endif >> diff --git a/net/slirp.c b/net/slirp.c >> index a01a0fccd3..7a4e96db5c 100644 >> --- a/net/slirp.c >> +++ b/net/slirp.c >> @@ -119,7 +119,7 @@ static ssize_t net_slirp_send_packet(const void >> *pkt,size_t pkt_len, >> uint8_t min_pkt[ETH_ZLEN]; >> size_t min_pktsz = sizeof(min_pkt); >> - if (!s->nc.peer->do_not_pad) { >> + if (net_peer_needs_padding(&s->nc)) { >> if (eth_pad_short_frame(min_pkt, &min_pktsz, pkt, pkt_len)) { >> pkt = min_pkt; >> pkt_len = min_pktsz; >> diff --git a/net/tap-win32.c b/net/tap-win32.c >> index 897bd18e32..6096972f5d 100644 >> --- a/net/tap-win32.c >> +++ b/net/tap-win32.c >> @@ -696,7 +696,7 @@ static void tap_win32_send(void *opaque) >> if (size > 0) { >> orig_buf = buf; >> - if (!s->nc.peer->do_not_pad) { >> + if (net_peer_needs_padding(&s->nc)) { >> if (eth_pad_short_frame(min_pkt, &min_pktsz, buf, size)) { >> buf = min_pkt; >> size = min_pktsz; >> diff --git a/net/tap.c b/net/tap.c >> index 7d53cedaec..820872fde8 100644 >> --- a/net/tap.c >> +++ b/net/tap.c >> @@ -203,7 +203,7 @@ static void tap_send(void *opaque) >> size -= s->host_vnet_hdr_len; >> } >> - if (!s->nc.peer->do_not_pad) { >> + if (net_peer_needs_padding(&s->nc)) { >> if (eth_pad_short_frame(min_pkt, &min_pktsz, buf, size)) { >> buf = min_pkt; >> size = min_pktsz; > > > I assume that you had a test case which triggered that null pointer > access? Yes, it's simple to trigger by just adding a tap device and assign an IP to that. Thanks > If yes, than this should indeed be applied before releasing 6.0. > > The modification is simple enough for a last minute change. > > Reviewed-by: Stefan Weil <sw@weilnetz.de> > > > >
On Fri, 23 Apr 2021 at 04:18, Jason Wang <jasowang@redhat.com> wrote: > > There could be case that peer is NULL. This can happen when during > network device hot-add where net device needs to be added first. So > the patch check the existence of peer before trying to do the pad. > > Fixes: 969e50b61a285 ("net: Pad short frames to minimum size before sending from SLiRP/TAP") > Signed-off-by: Jason Wang <jasowang@redhat.com> > --- > include/net/net.h | 5 +++++ > net/slirp.c | 2 +- > net/tap-win32.c | 2 +- > net/tap.c | 2 +- > 4 files changed, 8 insertions(+), 3 deletions(-) Applied to master for 6.0 rc5; thanks. -- PMM
© 2016 - 2024 Red Hat, Inc.