[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: linux-2.6_2.6.32-48squeeze4 and Bug #701744



On Mon, Feb 24, 2014 at 03:48:26PM +0000, Ian Campbell wrote:
> On Sat, 2014-02-22 at 22:56 +0000, Ben Hutchings wrote:
> > On Mon, 2013-09-30 at 20:25 +1000, Kris Shannon wrote:
> > > I was eagerly awating the release of linux-2.6_2.6.32-48squeeze4
> > > because it would fix #701744 (fallout from XSA-39: Linux netback DoS
> > > via malicious guest ring)
> > > 
> > > 
> > > It turns out I should have read the bug report more closely.
> > > 
> > >  #701744 was only about the xen-netback side of things.
> > > 
> > > 
> > > I haven't been able to find a debian bug about the REAL bug - the
> > > xen-netfront gso overflow.
> > > 
> > > 
> > > Upstream have patched this:
> > > http://git.kernel.org/linus/9ecd1a75d977e2e8c48139c7d3efed183f898d94
> > > 
> > > "netfront: reduce gso_max_size to account for max TCP header"
> > > 
> > > 
> > > Is this likely to go into a squeeze kernel?
> > 
> > Maybe.  Ian, is this going to be possible to backport?
> 
> It looks fairly small and self contained, so I suspect so. Wei -- does
> that sound right (the backport target is Debian Wheezy which is 2.6.32)
> 

Yes, you're right. It should be fairly easy to backport.

Wei.

> The other question is whether there will be any more updates to the
> Squeeze kernel at all, aren't we into security fixes only mode for
> Squeeze by now?
> 
> Ian.
> 
> > > The xen environment I'm running these squeeze VM's in is running on
> > > CentOS dom0's and Redhat have closed the visible bugs I can find on
> > > this as "Not a bug" :(
> > 
> > Right, the over-64K skbs are very definitely a netfront bug and it is
> > correct for dom0 to reject them from an unpatched guest.
> > 
> > As a temporary workaround I think that turning off TSO on netfront would
> > avoid the problem, but it will reduce network TX performance.
> > 
> > Ben.
> > 
> 


Reply to: