| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <20170418144857.7810-1-james.hughes@raspberrypi.org>
Date: Tue, 18 Apr 2017 15:48:57 +0100
From: James Hughes <james.hughes@...pberrypi.org>
To: netdev@...r.kernel.org,
Steve Glendinning <steve.glendinning@...well.net>,
Microchip Linux Driver Support <UNGLinuxDriver@...rochip.com>
Cc: James Hughes <james.hughes@...pberrypi.org>
Subject: [PATCH] smsc95xx: Use skb_cow to deal with cloned skbs
The driver was failing to check that the SKB wasn't cloned
before adding checksum data or adding header data.
Replace existing handling to extend the buffer with
skb_cow. Don't use skb_cow_head as the sw checksum
code modifies the data portion.
Signed-off-by: James Hughes <james.hughes@...pberrypi.org>
---
drivers/net/usb/smsc95xx.c | 10 +++-------
1 file changed, 3 insertions(+), 7 deletions(-)
diff --git a/drivers/net/usb/smsc95xx.c b/drivers/net/usb/smsc95xx.c
index df60c98..04f6397 100644
--- a/drivers/net/usb/smsc95xx.c
+++ b/drivers/net/usb/smsc95xx.c
@@ -2067,13 +2067,9 @@ static struct sk_buff *smsc95xx_tx_fixup(struct usbnet *dev,
/* We do not advertise SG, so skbs should be already linearized */
BUG_ON(skb_shinfo(skb)->nr_frags);
- if (skb_headroom(skb) < overhead) {
- struct sk_buff *skb2 = skb_copy_expand(skb,
- overhead, 0, flags);
- dev_kfree_skb_any(skb);
- skb = skb2;
- if (!skb)
- return NULL;
+ /* Make writable and expand space by overhead if required */
+ if (skb_cow(skb, overhead)) {
+ return NULL;
}
if (csum) {
--
2.9.3
Powered by blists - more mailing lists