| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 07 Feb 2017 13:20:18 -0800
From: Eric Dumazet <eric.dumazet@...il.com>
To: Willem de Bruijn <willemdebruijn.kernel@...il.com>
Cc: netdev@...r.kernel.org, davem@...emloft.net,
sowmini.varadhan@...cle.com, dvyukov@...gle.com,
Willem de Bruijn <willemb@...gle.com>
Subject: Re: [PATCH net 1/2] net: introduce device min_header_len
On Tue, 2017-02-07 at 15:57 -0500, Willem de Bruijn wrote:
> From: Willem de Bruijn <willemb@...gle.com>
>
> The stack must not pass packets to device drivers that are shorter
> than the minimum link layer header length.
>
> Previously, packet sockets would drop packets smaller than or equal
> to dev->hard_header_len, but this has false positives. Zero length
> payload is used over Ethernet. Other link layer protocols support
> variable length headers. Support for validation of these protocols
> removed the min length check for all protocols.
>
> Introduce an explicit dev->min_header_len parameter and drop all
> packets below this value. Initially, set it to non-zero only for
> Ethernet and loopback. Other protocols can follow in a patch to
> net-next.
>
> Fixes: 9ed988cd5915 ("packet: validate variable length ll headers")
> Reported-by: Sowmini Varadhan <sowmini.varadhan@...cle.com>
> Signed-off-by: Willem de Bruijn <willemb@...gle.com>
> ---
Acked-by: Eric Dumazet <edumazet@...gle.com>
Powered by blists - more mailing lists