|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [Xen-devel] xennet_start_xmit assumptions
From: Sowmini Varadhan <sowmini.varadhan@xxxxxxxxxx>
Date: Thu, 19 Jan 2017 17:41:23 -0500
> On (01/19/17 13:47), Sowmini Varadhan wrote:
>> > Specifically I'm talking about the dev_validate_header() check.
>> > That is supposed to protect us from these kinds of situations.
>>
>> ah, but I run my pf_packet application as root, so I have
>> capable(CAP_SYS_RAWIO), so I slip through the dev_validate_header()
>> check.
>
> and in that light, should dev_validate_header()
> always return false if len == 0?
>
> that will take care of all the send paths in af_packet.c
> but it impacts all drivers as well (even though it is the
> logically correct thing to do..)
I think dev_validate_header() almost does the correct thing in
the SYS_RAWIO case.
It clears out the not-provided hard header bytes, but it doesn't
adjust the skb->len. I think that is a real requirement in this
situation.
CAP_SYS_RAWIO or not, the contract we have with the device is that
there will be at least enough bytes to cover a link layer header.
This probably requires a little bit of an adjustment to the calling
convention. Perhaps:
int dev_validate_header(const struct net_device *dev,
char *ll_header, int len);
So then you can go:
new_len = dev_validate_header(dev, skb->data, len);
if (new_len < 0)
goto out_cleanup_err;
if (new_len > len)
__skb_put(skb, new_len - len);
Or something like that.
_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxx
https://lists.xen.org/xen-devel
|
 |
Lists.xenproject.org is hosted with RackSpace, monitoring our |