git.openpandora.org / pandora-kernel.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: aef3ea3) | patch
bridge : Sanitize skb before it enters the IP stack
authorBandan Das <bandan.das@stratus.com>
Sun, 19 Sep 2010 09:34:33 +0000 (09:34 +0000)
committerDavid S. Miller <davem@davemloft.net>
Sun, 19 Sep 2010 19:42:34 +0000 (12:42 -0700)
commit462fb2af9788a82a534f8184abfde31574e1cfa0
tree63a8abf3657bb4ce586fdf14c89e6d81ca280725tree | snapshot
parentaef3ea33e85035f7c827c1db9155f97f4b7ee725commit | diff
bridge : Sanitize skb before it enters the IP stack

Related dicussion here : http://lkml.org/lkml/2010/9/3/16

Introduce a function br_parse_ip_options that will audit the
skb and possibly refill IP options before a packet enters the
IP stack. If no options are present, the function will zero out
the skb cb area so that it is not misinterpreted as options by some
unsuspecting IP layer routine. If packet consistency fails, drop it.

Signed-off-by: Bandan Das <bandan.das@stratus.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
net/bridge/br_netfilter.c diff | blob | history
net/ipv4/ip_options.c diff | blob | history
Pandora Kernel Repository