From nobody Sat Nov 30 12:33:26 2024 Received: from out-180.mta0.migadu.com (out-180.mta0.migadu.com [91.218.175.180]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 077781BC39 for ; Mon, 9 Sep 2024 16:06:22 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=91.218.175.180 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1725897986; cv=none; b=a3rpfL+hxLMvzWvAuDOzSLBHdLgFakOrBUSxMbVfUtEj5sDDNb2/ahsiT2ukTpiliR2kmVPhQ91IWaEqMFaHM0lfpPfCCU7UUPV1LgOGBT21ulh/3emtPGwB787dbUpcqQ85LQkyvWyKC/9rqlrlETduS0S3WjLeALUEC/f1LHY= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1725897986; c=relaxed/simple; bh=fK7ND1SRwuJf9pb3UJOBltIVp1SguX2VqghRHgzAAeY=; h=From:To:Cc:Subject:Date:Message-Id:MIME-Version; b=l0KQ7fk5gVS8i1vg0ZSeN3KhKkfLvbu+bNeAILKAjqCm/3fuGUhh/+orfQJB6rHXC8zIeyqtPbvV9jHkhw2zF6ObH5+x5/85JxAzdo/z1ezq9LxAs5gdOTKMyzuDtFiZGPrEM8zGPgiBVx7IlgSKglCb9QK12T4URAl7II2IXWk= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=linux.dev; spf=pass smtp.mailfrom=linux.dev; dkim=pass (1024-bit key) header.d=linux.dev header.i=@linux.dev header.b=M3H1KR8h; arc=none smtp.client-ip=91.218.175.180 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=linux.dev Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=linux.dev Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=linux.dev header.i=@linux.dev header.b="M3H1KR8h" X-Report-Abuse: Please report any abuse attempt to abuse@migadu.com and include these headers. DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linux.dev; s=key1; t=1725897979; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding; bh=d7Y4M8clgRuoEwRJyb9EKzYZ2niP8miNEcJZu+o3olc=; b=M3H1KR8hkqRbarUWY1ytmOtJcPhaWbVL7Ktmo0PcVvVlcWTdPyweTxx9+cPams/gD3u7YS 2JuXtAaXCfsOJnfCGgQyick/5dhvrcbvMeShTlYq4JPND3x3wStcyig80svTfO7LCi49ku zS73+k5g9geQo87jFjqOW/sIG2LLzGo= From: Sean Anderson To: Madalin Bucur , Eric Dumazet , netdev@vger.kernel.org Cc: Paolo Abeni , Jakub Kicinski , linux-kernel@vger.kernel.org, "David S . Miller" , Sean Anderson Subject: [PATCH net] net: dpaa: Pad packets to ETH_ZLEN Date: Mon, 9 Sep 2024 12:06:04 -0400 Message-Id: <20240909160604.1148178-1-sean.anderson@linux.dev> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable X-Migadu-Flow: FLOW_OUT Content-Type: text/plain; charset="utf-8" When sending packets under 60 bytes, up to three bytes of the buffer follow= ing the data may be leaked. Avoid this by extending all packets to ETH_ZLEN, ensuring nothing is leaked in the padding. This bug can be reproduced by running $ ping -s 11 destination Fixes: 9ad1a3749333 ("dpaa_eth: add support for DPAA Ethernet") Signed-off-by: Sean Anderson --- drivers/net/ethernet/freescale/dpaa/dpaa_eth.c | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/drivers/net/ethernet/freescale/dpaa/dpaa_eth.c b/drivers/net/e= thernet/freescale/dpaa/dpaa_eth.c index cfe6b57b1da0..e4e8ee8b7356 100644 --- a/drivers/net/ethernet/freescale/dpaa/dpaa_eth.c +++ b/drivers/net/ethernet/freescale/dpaa/dpaa_eth.c @@ -2322,6 +2322,12 @@ dpaa_start_xmit(struct sk_buff *skb, struct net_devi= ce *net_dev) } #endif =20 + /* Packet data is always read as 32-bit words, so zero out any part of + * the skb which might be sent if we have to pad the packet + */ + if (__skb_put_padto(skb, ETH_ZLEN, false)) + goto enomem; + if (nonlinear) { /* Just create a S/G fd based on the skb */ err =3D skb_to_sg_fd(priv, skb, &fd); --=20 2.35.1.1320.gc452695387.dirty