| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Sun, 22 May 2016 14:33:53 +0200 From: Hannes Frederic Sowa <hannes@...essinduktion.org> To: "Michael S. Tsirkin" <mst@...hat.com> Cc: Tom Herbert <tom@...bertland.com>, davem@...emloft.net, netdev@...r.kernel.org, kernel-team@...com Subject: Re: [PATCH v7 net-next 01/16] gso: Remove arbitrary checks for unsupported GSO On 22.05.2016 09:44, Michael S. Tsirkin wrote: > On Sat, May 21, 2016 at 03:02:30AM +0200, Hannes Frederic Sowa wrote: >> Hello, >> >> On 18.05.2016 18:06, Tom Herbert wrote: >>> In several gso_segment functions there are checks of gso_type against >>> a seemingly arbitrary list of SKB_GSO_* flags. This seems like an >>> attempt to identify unsupported GSO types, but since the stack is >>> the one that set these GSO types in the first place this seems >>> unnecessary to do. If a combination isn't valid in the first >>> place that stack should not allow setting it. >>> >>> This is a code simplication especially for add new GSO types. >> >> I couldn't still wrap my head around this. >> >> I wonder if this is safe in case of if the packet is generated from an >> untrusted virtual machine over virtio_net? >> >> Bye, >> Hannes > > I'm not sure how you use virtio_net, but neither it nor tun or macvtap > commonly used as backends for it pass gso flags through > from untrusted entities. Sorry for the noise, I see the flags gets sanitized during transport. Thanks, Hannes
Powered by blists - more mailing lists