On 22/11/24 06:03, Akihiko Odaki wrote:
The specification says hash_report should be set to
VIRTIO_NET_HASH_REPORT_NONE if VIRTIO_NET_F_HASH_REPORT is negotiated
but not configured with VIRTIO_NET_CTRL_MQ_RSS_CONFIG. However,
virtio_net_receive_rcu() instead wrote out the content of the extra_hdr
variable, which is not uninitialized in such a case.
Fix this by zeroing the extra_hdr.
Fixes: e22f0603fb2f ("virtio-net: reference implementation of hash report")
Signed-off-by: Akihiko Odaki <akihiko.od...@daynix.com>
---
hw/net/virtio-net.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/hw/net/virtio-net.c b/hw/net/virtio-net.c
index b544d2e91a77..44ea72b50e0e 100644
--- a/hw/net/virtio-net.c
+++ b/hw/net/virtio-net.c
@@ -1911,6 +1911,8 @@ static ssize_t virtio_net_receive_rcu(NetClientState *nc,
const uint8_t *buf,
Alternatively:
- struct virtio_net_hdr_v1_hash extra_hdr;
+ struct virtio_net_hdr_v1_hash extra_hdr = { };
Regardless,
Reviewed-by: Philippe Mathieu-Daudé <phi...@linaro.org>
size_t offset, i, guest_offset, j;
ssize_t err;
+ memset(&extra_hdr, 0, sizeof(extra_hdr));
+
if (n->rss_data.enabled && n->rss_data.enabled_software_rss) {
int index = virtio_net_process_rss(nc, buf, size, &extra_hdr);
if (index >= 0) {