[PATCH,v2] arm64: fix the illegal address access in some cases
Catalin Marinas
catalin.marinas at arm.com
Mon Jul 27 07:47:10 EDT 2020
On Sat, Jul 25, 2020 at 10:08:06AM +0800, guodeqing wrote:
> The ihl value of ip header is smaller than 5 in some cases, if the
> ihl value is smaller than 5, then the next code will access the illegal
> address, and the system will panic. ip_fast_csum() must be able to handle
> any value that could fit in the ihl field of the ip protocol header.
>
> Here I add the check of the ihl value to solve this problem.
>
> Fixes: 0e455d8e80aa (arm64: Implement optimised IP checksum helpers)
> Signed-off-by: guodeqing <geffrey.guo at huawei.com>
> ---
> arch/arm64/include/asm/checksum.h | 3 +++
> 1 file changed, 3 insertions(+)
>
> diff --git a/arch/arm64/include/asm/checksum.h b/arch/arm64/include/asm/checksum.h
> index b6f7bc6..5a7d9ac 100644
> --- a/arch/arm64/include/asm/checksum.h
> +++ b/arch/arm64/include/asm/checksum.h
> @@ -25,6 +25,9 @@ static inline __sum16 ip_fast_csum(const void *iph, unsigned int ihl)
> __uint128_t tmp;
> u64 sum;
>
> + if (unlikely(ihl < 5))
> + return 1;
> +
> tmp = *(const __uint128_t *)iph;
> iph += 16;
> ihl -= 4;
IHL in IPv4 should be at least 5. Do you have a stack trace to show how
it got here? Maybe the caller should ensure that the correct size is
passed.
Thanks.
--
Catalin
More information about the linux-arm-kernel
mailing list