OpenE2K
/
linux
6
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

drop_monitor: Better sanitize notified packets 

When working in 'packet' mode, drop monitor generates a notification
with a potentially truncated payload of the dropped packet. The payload
is copied from the MAC header, but I forgot to check that the MAC header
was set, so do it now.

Fixes: ca30707dee ("drop_monitor: Add packet alert mode")
Fixes: 5e58109b1e ("drop_monitor: Add support for packet alert mode for hardware drops")
Acked-by: Jiri Pirko <jiri@mellanox.com>
Signed-off-by: Ido Schimmel <idosch@mellanox.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
This commit is contained in:
Ido Schimmel 2019-09-15 09:46:36 +03:00 committed by David S. Miller
parent 58a406def4
commit bef1746681
1 changed files with 6 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
net/core/drop_monitor.c
View File

@ -487,6 +487,9 @@ static void net_dm_packet_trace_kfree_skb_hit(void *ignore,
struct sk_buff *nskb;
unsigned long flags;
if (!skb_mac_header_was_set(skb))
return;
nskb = skb_clone(skb, GFP_ATOMIC);
if (!nskb)
return;
@ -900,6 +903,9 @@ net_dm_hw_packet_probe(struct sk_buff *skb,
struct sk_buff *nskb;
unsigned long flags;
if (!skb_mac_header_was_set(skb))
return;
nskb = skb_clone(skb, GFP_ATOMIC);
if (!nskb)
return;