[Intel-wired-lan] [iwl-net v3 5/5] ice: fix using untrusted value of pkt_len in ice_vc_fdir_parse_raw()
Romanowski, Rafal
rafal.romanowski at intel.com
Mon Mar 17 13:27:04 UTC 2025
> -----Original Message-----
> From: Intel-wired-lan <intel-wired-lan-bounces at osuosl.org> On Behalf Of
> Martyna Szapar-Mudlaw
> Sent: Tuesday, March 4, 2025 12:09 PM
> To: intel-wired-lan at lists.osuosl.org
> Cc: netdev at vger.kernel.org; Polchlopek, Mateusz
> <mateusz.polchlopek at intel.com>; Kitszel, Przemyslaw
> <przemyslaw.kitszel at intel.com>; Martyna Szapar-Mudlaw <martyna.szapar-
> mudlaw at linux.intel.com>
> Subject: [Intel-wired-lan] [iwl-net v3 5/5] ice: fix using untrusted value of pkt_len
> in ice_vc_fdir_parse_raw()
>
> From: Mateusz Polchlopek <mateusz.polchlopek at intel.com>
>
> Fix using the untrusted value of proto->raw.pkt_len in function
> ice_vc_fdir_parse_raw() by verifying if it does not exceed the
> VIRTCHNL_MAX_SIZE_RAW_PACKET value.
>
> Fixes: 99f419df8a5c ("ice: enable FDIR filters from raw binary patterns for VFs")
> Reviewed-by: Przemek Kitszel <przemyslaw.kitszel at intel.com>
> Signed-off-by: Mateusz Polchlopek <mateusz.polchlopek at intel.com>
> Signed-off-by: Martyna Szapar-Mudlaw <martyna.szapar-
> mudlaw at linux.intel.com>
> ---
> .../ethernet/intel/ice/ice_virtchnl_fdir.c | 24 ++++++++++++-------
> 1 file changed, 15 insertions(+), 9 deletions(-)
>
> diff --git a/drivers/net/ethernet/intel/ice/ice_virtchnl_fdir.c
> b/drivers/net/ethernet/intel/ice/ice_virtchnl_fdir.c
> index 14e3f0f89c78..9be4bd717512 100644
> --- a/drivers/net/ethernet/intel/ice/ice_virtchnl_fdir.c
> +++ b/drivers/net/ethernet/intel/ice/ice_virtchnl_fdir.c
> @@ -832,21 +832,27 @@ ice_vc_fdir_parse_raw(struct ice_vf *vf,
Tested-by: Rafal Romanowski <rafal.romanowski at intel.com>
More information about the Intel-wired-lan
mailing list