On Mon, Apr 10, 2017 at 5:43 PM, Eric Dumazet <eric.duma...@gmail.com> wrote:
> On Mon, 2017-04-10 at 11:07 +0300, Alexey Dobriyan wrote:
>> struct skb_shared_info {
>> - unsigned short _unused;
>> unsigned char nr_frags;
>> __u8 tx_flags;
>> unsigned short gso_size;
>
> Nack
>
> This exact placement was discussed at Netconf and Netdev.
>
> We had off-by-one errors in the past leading to nr_frags being mangled,
> and some exploits were quite happy to use these bugs.
>
> Some shuffling in shared_info might help us to find other bugs, and give
> more work to security researchers
By this logic there should be redzone around every field in networking stack.
