[PATCH] usb: gadget: aspeed: fix buffer overflow
gregkh at linuxfoundation.org
Fri Oct 28 20:17:05 AEDT 2022
On Fri, Oct 28, 2022 at 09:04:52AM +0000, Neal Liu wrote:
> > > Thanks for your feedback.
> > > I tried to reproduce it on my side, and it cannot be reproduce it.
> > > Here are my test sequences:
> > > 1. emulate one of the vhub port to usb ethernet through Linux gadget
> > > (ncm)
> > We are using rndis instead of ncm.
> > > 2. connect BMC vhub to Host
> > > 3. BMC & Host can ping each other (both usb eth dev default mtu is
> > > 1500) 4. Set BMC mtu to 1000 (Host OS cannot set usb eth dev mtu to
> > > 2000, it's maxmtu is 1500)
> > Not sure if it's related, but in my case (USB rndis, Debian 10 OS) it should be
> > able to set MTU to 2000.
> Using rndis is able to set MTU to 2000, and the issue can be reproduced.
Please NEVER use rndis anymore. I need to go just delete that driver
from the tree.
It is insecure-by-design and will cause any system that runs it to be
instantly compromised and it can not be fixed. Never trust it.
Even for data throughput tests, I wouldn't trust it as it does odd
things with packet sizes as you show here.
More information about the Linux-aspeed