| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 25 Jan 2017 12:45:31 -0500 (EST)
From: David Miller <davem@...emloft.net>
To: sowmini.varadhan@...cle.com
Cc: netdev@...r.kernel.org
Subject: Re: [PATCH RFC net-next] packet: always ensure that we pass
hard_header_len bytes in skb_headlen() to the driver
From: Sowmini Varadhan <sowmini.varadhan@...cle.com>
Date: Tue, 24 Jan 2017 08:11:49 -0800
> @@ -2685,21 +2685,22 @@ static inline int dev_parse_header(const struct sk_buff *skb,
> }
>
> /* ll_header must have at least hard_header_len allocated */
> -static inline bool dev_validate_header(const struct net_device *dev,
> +static inline int dev_validate_header(const struct net_device *dev,
> char *ll_header, int len)
> {
> if (likely(len >= dev->hard_header_len))
> - return true;
> + return len;
>
> if (capable(CAP_SYS_RAWIO)) {
> memset(ll_header + len, 0, dev->hard_header_len - len);
> - return true;
> + return dev->hard_header_len;
> }
>
> if (dev->header_ops && dev->header_ops->validate)
> - return dev->header_ops->validate(ll_header, len);
> + if (!dev->header_ops->validate(ll_header, len))
> + return -1;
>
> - return false;
> + return dev->hard_header_len;
> }
>
> typedef int gifconf_func_t(struct net_device * dev, char __user * bufptr, int len);
This mostly looks good. But I'm not so sure you handle the variable length header
case properly. That's why we have the header_ops->validate() callback, to accomodate
that.
In the variable length case, you'll end up having to return something other than
just hard_header_len. Probably you'll need to make header_ops->validate() return
that length.
Powered by blists - more mailing lists