lists.openwall.net   lists  /  announce  john-users  owl-users  popa3d-users  /  xvendor  oss-security  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4 
Open Source and information security mailing list archives
 
This website is powered by Openwall GNU/*/Linux security-enhanced OS
[<prev] [next>] [<thread-prev] [thread-next>] [month] [year] [list] 
Date:	Thu, 01 May 2008 12:08:14 +0200
From:	Johannes Berg <johannes@...solutions.net>
To:	David Miller <davem@...emloft.net>
Subject: Re: mac80211 truesize bugs


> > Hmm. The disconnect between truesize and skb->len+sizeof(*skb) was
> > usually 17 or 19 bytes and sizeof(*rthdr) is only 11. On the other hand,
> > I don't see where the other bytes should be coming from. I'll give this
> > a try, thanks.

Even when I explicitly set truesize (rather than adjusting it as you
did) I still get a disconnect.

> Grrr, I bet it's coming from a combination of the
> skb_set_mac_header(skb, 0); call done by mac80211 and the skb_push()
> calls in net/packet/af_packet.c
> 
> davem@...set:~/src/GIT/net-2.6$ egrep skb_push net/packet/af_packet.c
> 	skb_push(skb, skb->data - skb_mac_header(skb));
> 			skb_push(skb, skb->data - skb_mac_header(skb));
> 			skb_push(skb, skb->data - skb_mac_header(skb));

But mac80211 does set_mac_header(0) so this should just push zero bytes,
no?

johannes

[ CONTENT OF TYPE application/pgp-signature SKIPPED ]

Hosted by DataForce ISP - Powered by Openwall GNU/*/Linux