From: Alexey Dobriyan <adobri...@gmail.com>
Date: Tue, 11 Apr 2017 12:41:08 +0300
> On Mon, Apr 10, 2017 at 5:43 PM, Eric Dumazet <eric.duma...@gmail.com> wrote:
>> On Mon, 2017-04-10 at 11:07 +0300, Alexey Dobriyan wrote:
>>> struct skb_shared_info {
>>> - unsigned short _unused;
>>> unsigned char nr_frags;
>>> __u8 tx_flags;
>>> unsigned short gso_size;
>>
>> Nack
>>
>> This exact placement was discussed at Netconf and Netdev.
>>
>> We had off-by-one errors in the past leading to nr_frags being mangled,
>> and some exploits were quite happy to use these bugs.
>>
>> Some shuffling in shared_info might help us to find other bugs, and give
>> more work to security researchers
>
> By this logic there should be redzone around every field in networking stack.
It is not a general rule, but a situation we specifically know about
here for this structure and how exploits are actively being coded.
I would like to politely ask that we don't strive so strongly for
"tree wide rules" that we fail to see the need for specific handling
in specific situations as is the case here.
Thank you.
