From: Willem de Bruijn <willemdebruijn.kernel@gmail.com>
To: Sowmini Varadhan <sowmini.varadhan@oracle.com>
Cc: David Miller <davem@davemloft.net>,
Network Development <netdev@vger.kernel.org>
Subject: Re: [PATCH RFC net-next] packet: always ensure that we pass hard_header_len bytes in skb_headlen() to the driver
Date: Fri, 27 Jan 2017 14:29:06 -0500 [thread overview]
Message-ID: <CAF=yD-J6r+myVVAb5uNL8-Fua7Gr5q8U+veqPB=xm4gNOTp5Tg@mail.gmail.com> (raw)
In-Reply-To: <20170127170320.GD25829@oracle.com>
> On (01/27/17 10:28), Willem de Bruijn wrote:
>> > Would it make sense to only do the CAP_SYS_RAWIO branch if the
>> > driver declares itself to have variable length L2 headers, via, e.g.,
>> > some priv flag?
>>
>> At the time, the comments were not specific to AX25. Again, we should
>> probably put that bypass behind a flag, enabling validating in the common case.
>
> Just to make sure I'm on the same page as you (since you have more
> history with this one..) we are going to have a priv_flags like
> IFF_VAR_L2HDR which (today) would only be set for ax25, and
> we would only take the CAP_SYS_RAWIO branch for IFF_VAR_L2HDR, right?
I suggested a sysctl. But either approach may cause test applications
that depend on current behavior to start failing.
As your patch state, the contract is that any packet delivered to a
driver has the entire L2 in its linear section. Drivers are not required
to be robust against shorter packets, so there is no reason to test
those.
One option is to limit your fix to known fixed-header protocols.
In these cases hard_header_len is the minimum, so anything
smaller must be dropped.
For protocols with variable header length it is fine to send packets
shorter than hard_header_len, even with corrupted content (i.e.,
even if they would fail that protocol's validate callback), as long as
they exceed the minimum length. ax25 already has a min length
check through its protocol-specific validate callback.
next prev parent reply other threads:[~2017-01-27 19:29 UTC|newest]
Thread overview: 18+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-01-24 16:11 [PATCH RFC net-next] packet: always ensure that we pass hard_header_len bytes in skb_headlen() to the driver Sowmini Varadhan
2017-01-25 17:45 ` David Miller
2017-01-26 20:21 ` Willem de Bruijn
2017-01-26 21:37 ` Sowmini Varadhan
2017-01-27 0:08 ` Willem de Bruijn
2017-01-27 2:08 ` Sowmini Varadhan
2017-01-27 14:37 ` Willem de Bruijn
2017-01-27 15:11 ` Sowmini Varadhan
2017-01-27 15:28 ` Willem de Bruijn
2017-01-27 17:03 ` Sowmini Varadhan
2017-01-27 19:29 ` Willem de Bruijn [this message]
2017-01-27 20:06 ` Sowmini Varadhan
2017-01-27 20:51 ` Willem de Bruijn
2017-01-27 21:58 ` Sowmini Varadhan
2017-01-28 0:19 ` Willem de Bruijn
2017-01-30 16:26 ` Sowmini Varadhan
2017-01-30 16:41 ` David Miller
2017-02-07 20:51 ` Willem de Bruijn
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to='CAF=yD-J6r+myVVAb5uNL8-Fua7Gr5q8U+veqPB=xm4gNOTp5Tg@mail.gmail.com' \
--to=willemdebruijn.kernel@gmail.com \
--cc=davem@davemloft.net \
--cc=netdev@vger.kernel.org \
--cc=sowmini.varadhan@oracle.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.