www.infradead.org Git - users/jedix/linux-maple.git/commit

author	Ben Hutchings <ben@decadent.org.uk>
	Wed, 20 Apr 2016 22:23:08 +0000 (23:23 +0100)
committer	Chuck Anderson <chuck.anderson@oracle.com>
	Fri, 8 Jul 2016 02:22:57 +0000 (19:22 -0700)
commit	6b1d3886811afe081a1a82e1b95f5fde60cd3dfa
tree	22aa886873cb0a53e967df25c8c59bce38fd8aaf	tree
parent	80796ad5608674d40bd1459268c42807b8de6c9a	commit \| diff

atl2: Disable unimplemented scatter/gather feature

atl2 includes NETIF_F_SG in hw_features even though it has no support
for non-linear skbs. This bug was originally harmless since the
driver does not claim to implement checksum offload and that used to
be a requirement for SG.

Now that SG and checksum offload are independent features, if you
explicitly enable SG *and* use one of the rare protocols that can use
SG without checkusm offload, this potentially leaks sensitive
information (before you notice that it just isn't working). Therefore
this obscure bug has been designated CVE-2016-2117.

Reported-by: Justin Yackoski <jyackoski@crypto-nite.com>
Signed-off-by: Ben Hutchings <ben@decadent.org.uk>
Fixes: ec5f06156423 ("net: Kill link between CSUM and SG features.")
Signed-off-by: David S. Miller <davem@davemloft.net>
Orabug: 23703754
(cherry picked from commit f43bfaeddc79effbf3d0fcb53ca477cca66f3db8)
Signed-off-by: Todd Vierling <todd.vierling@oracle.com>