Pandora Sourcecodes - pandora-kernel.git/commit

author	Willem de Bruijn <willemb@google.com>
	Thu, 10 Mar 2016 02:58:32 +0000 (21:58 -0500)
committer	Ben Hutchings <ben@decadent.org.uk>
	Sat, 30 Apr 2016 22:05:26 +0000 (00:05 +0200)
commit	b5518429e70cd783b8ca52335456172c1a0589f6
tree	802c52c1b7157dd7954dc1783b45f752a9aee3a0	tree \| snapshot
parent	8b4375878ae845a8b5e672cdcf7e38dcfdef508e	commit \| diff

net: validate variable length ll headers

[ Upstream commit 2793a23aacbd754dbbb5cb75093deb7e4103bace ]

Netdevice parameter hard_header_len is variously interpreted both as
an upper and lower bound on link layer header length. The field is
used as upper bound when reserving room at allocation, as lower bound
when validating user input in PF_PACKET.

Clarify the definition to be maximum header length. For validation
of untrusted headers, add an optional validate member to header_ops.

Allow bypassing of validation by passing CAP_SYS_RAWIO, for instance
for deliberate testing of corrupt input. In this case, pad trailing
bytes, as some device drivers expect completely initialized headers.

See also http://comments.gmane.org/gmane.linux.network/401064

Signed-off-by: Willem de Bruijn <willemb@google.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
[bwh: Backported to 3.2: net_device has inline comments instead of kernel-doc]
Signed-off-by: Ben Hutchings <ben@decadent.org.uk>