From mboxrd@z Thu Jan 1 00:00:00 1970 Authentication-Results: passt.top; dmarc=none (p=none dis=none) header.from=gibson.dropbear.id.au Authentication-Results: passt.top; dkim=pass (2048-bit key; secure) header.d=gibson.dropbear.id.au header.i=@gibson.dropbear.id.au header.a=rsa-sha256 header.s=202502 header.b=h6FOeHYy; dkim-atps=neutral Received: from mail.ozlabs.org (gandalf.ozlabs.org [150.107.74.76]) by passt.top (Postfix) with ESMTPS id 0D9855A0276 for ; Thu, 13 Mar 2025 06:40:57 +0100 (CET) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gibson.dropbear.id.au; s=202502; t=1741844452; bh=1jaflM7z4OoBgctUJZLQpWjABW6zU58xIKMrH6+RCp8=; h=From:To:Cc:Subject:Date:From; b=h6FOeHYyT+xVlbMMF9Kti1kd9AzaFjcnzf8VGoA4wEWnbD1F9R4bwzHvU44oM6PE6 qEFy5vTTyIjubRKEmanl1ysp/Fvo/H+5IrdZ68uiC5Hj3cpO3PXHtpzOj8xIq+iC0S uor5n5dbZ724qIvF7R1kzmSD6ExidkEXJhW9vYPCGyNOhnqlhLtIZufbrp0maRyWI4 UJx6U/5aXqppvcij+2BqFmgCrDClrM2nuBt7KsaR5fQ0XI0OK1X/peBNNemBlcc48d sARNgd8blIsS8bYeucHpnkF2LINtSeZYjEZMOo0TJsc+E1zI2F6Rt7SPOMH3f+sqi0 6cCs0PdY8JNKw== Received: by gandalf.ozlabs.org (Postfix, from userid 1007) id 4ZCxDh4LDqz4x3q; Thu, 13 Mar 2025 16:40:52 +1100 (AEDT) From: David Gibson To: passt-dev@passt.top, Stefano Brivio Subject: [PATCH 0/4] Improve robustness of calculations related to frame size limits Date: Thu, 13 Mar 2025 16:40:46 +1100 Message-ID: <20250313054050.642978-1-david@gibson.dropbear.id.au> X-Mailer: git-send-email 2.48.1 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Message-ID-Hash: 3PVRZMN355WPUMU7DT44GD6FH4L6IDHJ X-Message-ID-Hash: 3PVRZMN355WPUMU7DT44GD6FH4L6IDHJ X-MailFrom: dgibson@gandalf.ozlabs.org X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header CC: David Gibson X-Mailman-Version: 3.3.8 Precedence: list List-Id: Development discussion and patches for passt Archived-At: Archived-At: List-Archive: List-Archive: List-Help: List-Owner: List-Post: List-Subscribe: List-Unsubscribe: There are a number of places where we make calculations and checks around how large frames can be and where they sit in memory. Several of these are roughly correct, but can be wrong in certain edge cases. Improve robustness by clarifying what we're doing and being more careful about the edge cases. David Gibson (4): vu_common: Tighten vu_packet_check_range() packet: More cautious checks to avoid pointer arithmetic UB tap: Make size of pool_tap[46] purely a tuning parameter tap: Clarify calculation of TAP_MSGS packet.c | 25 +++++++++++++++++++++---- packet.h | 3 +++ passt.h | 2 -- tap.c | 43 ++++++++++++++++++++++++++++++++++++------- tap.h | 3 ++- vu_common.c | 15 ++++++++++----- 6 files changed, 72 insertions(+), 19 deletions(-) -- 2.48.1