Hi,
going through the USB network drivers looking for ways
a malicious device could do us harm I found drivers taking
the alignment coming from the device for granted.
An example can be seen in qmi_wwan:
while (offset + qmimux_hdr_sz < skb->len) { hdr = (struct qmimux_hdr
*)(skb->data + offset); len = be16_to_cpu(hdr->pkt_len); As you can see
the driver accesses stuff coming from the device with the expectation
that it keep to natural alignment. On some architectures that is a way a
device could use to do bad things to a host. What is to be done about
that? Regards Oliver
