Re: [PATCH 1/3] Record and restore skb header marks (v2)

Eesh, I just realized I never replied to this mail.  Sorry about
that.

OL> I wonder if the sanity tests for mac_len and hdr_len are
OL> sufficient, or whether a more constrained test is required.

Yep, I have it changed now, along with some of the other checks.

OL> The skb->cb can be used by any layer to put private
OL> variables.

OL> Can the user mangle the data in there to create a disaster of some
OL> sort?

OL> If the answer is "it's possible", and because this is per protocol
OL> data, I suggest to add a per-protocol callback to sanitize the
OL> data in this control buffer.

Okay, then my answer is "it could be possible later".  Right now, I
don't think there's anything in there that could be used to do more
harm than any of the other things we restore for TCP.  We don't
restore it for UNIX sockets.

OL> To not block this patchset infinitely, I guess you can put the
OL> details of the sanity check in a separate patch(set). But I prefer
OL> that the current set will at least mention and provision for such
OL> a mechanism.

Indeed.  I've added a lengthy comment to be included in the next
posting to cover it for now.

-- 
Dan Smith
IBM Linux Technology Center
email: danms@xxxxxxxxxx
_______________________________________________
Containers mailing list
Containers@xxxxxxxxxxxxxxxxxxxxxxxxxx
https://lists.linux-foundation.org/mailman/listinfo/containers
