diff options
author | Jason Wang <jasowang@redhat.com> | 2021-02-24 11:44:36 +0800 |
---|---|---|
committer | Jason Wang <jasowang@redhat.com> | 2021-03-15 16:41:22 +0800 |
commit | 705df5466c98f3efdd2b68d3b31dad86858acad7 (patch) | |
tree | f07da22288195fe5fb2a9aa912d082ad3056bb47 /include/net/queue.h | |
parent | 3de46e6fc489c52c9431a8a832ad8170a7569bd8 (diff) |
net: introduce qemu_receive_packet()
Some NIC supports loopback mode and this is done by calling
nc->info->receive() directly which in fact suppresses the effort of
reentrancy check that is done in qemu_net_queue_send().
Unfortunately we can't use qemu_net_queue_send() here since for
loopback there's no sender as peer, so this patch introduce a
qemu_receive_packet() which is used for implementing loopback mode
for a NIC with this check.
NIC that supports loopback mode will be converted to this helper.
This is intended to address CVE-2021-3416.
Cc: Prasad J Pandit <ppandit@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Cc: qemu-stable@nongnu.org
Signed-off-by: Jason Wang <jasowang@redhat.com>
Diffstat (limited to 'include/net/queue.h')
-rw-r--r-- | include/net/queue.h | 8 |
1 files changed, 8 insertions, 0 deletions
diff --git a/include/net/queue.h b/include/net/queue.h index c0269bb1dc..9f2f289d77 100644 --- a/include/net/queue.h +++ b/include/net/queue.h @@ -55,6 +55,14 @@ void qemu_net_queue_append_iov(NetQueue *queue, void qemu_del_net_queue(NetQueue *queue); +ssize_t qemu_net_queue_receive(NetQueue *queue, + const uint8_t *data, + size_t size); + +ssize_t qemu_net_queue_receive_iov(NetQueue *queue, + const struct iovec *iov, + int iovcnt); + ssize_t qemu_net_queue_send(NetQueue *queue, NetClientState *sender, unsigned flags, |