From patchwork Thu Dec 15 11:40:34 2016
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: chenweilong <chenweilong@huawei.com>
X-Patchwork-Id: 706044
X-Patchwork-Delegate: davem@davemloft.net
Return-Path: <netdev-owner@vger.kernel.org>
X-Original-To: patchwork-incoming@ozlabs.org
Delivered-To: patchwork-incoming@ozlabs.org
Received: from vger.kernel.org (vger.kernel.org [209.132.180.67])
	by ozlabs.org (Postfix) with ESMTP id 3tfWdR1lmGz9sCZ
	for <patchwork-incoming@ozlabs.org>;
	Thu, 15 Dec 2016 22:37:31 +1100 (AEDT)
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
	id S932469AbcLOLhF (ORCPT <rfc822;patchwork-incoming@ozlabs.org>);
	Thu, 15 Dec 2016 06:37:05 -0500
Received: from szxga01-in.huawei.com ([58.251.152.64]:33590 "EHLO
	szxga01-in.huawei.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
	with ESMTP id S1752138AbcLOLhE (ORCPT
	<rfc822;netdev@vger.kernel.org>); Thu, 15 Dec 2016 06:37:04 -0500
Received: from 172.24.1.47 (EHLO szxeml432-hub.china.huawei.com)
	([172.24.1.47])
	by szxrg01-dlp.huawei.com (MOS 4.3.7-GA FastPath queued)
	with ESMTP id DWM50017; Thu, 15 Dec 2016 19:34:46 +0800 (CST)
Received: from localhost (10.175.101.78) by szxeml432-hub.china.huawei.com
	(10.82.67.209) with Microsoft SMTP Server id 14.3.235.1;
	Thu, 15 Dec 2016 19:34:40 +0800
From: Weilong Chen <chenweilong@huawei.com>
To: <jeffrey.t.kirsher@intel.com>
CC: <intel-wired-lan@lists.osuosl.org>, <netdev@vger.kernel.org>,
	<linux-kernel@vger.kernel.org>
Subject: [PATCH net-next] ixgbevf: fix 'Etherleak' in ixgbevf
Date: Thu, 15 Dec 2016 19:40:34 +0800
Message-ID: <1481802034-77729-1-git-send-email-chenweilong@huawei.com>
X-Mailer: git-send-email 2.5.0
MIME-Version: 1.0
X-Originating-IP: [10.175.101.78]
X-CFilter-Loop: Reflected
Sender: netdev-owner@vger.kernel.org
Precedence: bulk
List-ID: <netdev.vger.kernel.org>
X-Mailing-List: netdev@vger.kernel.org

Nessus report the vf appears to leak memory in network packets.
Fix this by padding all small packets manually.

And the CVE-2003-0001.
https://ofirarkin.files.wordpress.com/2008/11/atstake_etherleak_report.pdf

Signed-off-by: Weilong Chen <chenweilong@huawei.com>
---
 drivers/net/ethernet/intel/ixgbevf/ixgbevf_main.c | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/drivers/net/ethernet/intel/ixgbevf/ixgbevf_main.c b/drivers/net/ethernet/intel/ixgbevf/ixgbevf_main.c
index 6d4bef5..137a154 100644
--- a/drivers/net/ethernet/intel/ixgbevf/ixgbevf_main.c
+++ b/drivers/net/ethernet/intel/ixgbevf/ixgbevf_main.c
@@ -3654,6 +3654,13 @@ static int ixgbevf_xmit_frame(struct sk_buff *skb, struct net_device *netdev)
 		return NETDEV_TX_OK;
 	}
 
+	/* On PCI/PCI-X HW, if packet size is less than ETH_ZLEN,
+	 * packets may get corrupted during padding by HW.
+	 * To WA this issue, pad all small packets manually.
+	 */
+	if (eth_skb_pad(skb))
+		return NETDEV_TX_OK;
+
 	tx_ring = adapter->tx_ring[skb->queue_mapping];
 
 	/* need: 1 descriptor per page * PAGE_SIZE/IXGBE_MAX_DATA_PER_TXD,