]> git.baikalelectronics.ru Git - kernel.git/commit
projects / kernel.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 1d87b69) | patch
bridge : Sanitize skb before it enters the IP stack
authorBandan Das <bandan.das@stratus.com>
Sun, 19 Sep 2010 09:34:33 +0000 (09:34 +0000)
committerDavid S. Miller <davem@davemloft.net>
Sun, 19 Sep 2010 19:42:34 +0000 (12:42 -0700)
commit70ab905bdb5fb08c7c871b1b7e8b74ced2110966
tree63a8abf3657bb4ce586fdf14c89e6d81ca280725tree | snapshot
parent1d87b69a8640eb3fa4637aae3d745f48ac837b3fcommit | diff
bridge : Sanitize skb before it enters the IP stack

Related dicussion here : http://lkml.org/lkml/2010/9/3/16

Introduce a function br_parse_ip_options that will audit the
skb and possibly refill IP options before a packet enters the
IP stack. If no options are present, the function will zero out
the skb cb area so that it is not misinterpreted as options by some
unsuspecting IP layer routine. If packet consistency fails, drop it.

Signed-off-by: Bandan Das <bandan.das@stratus.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
net/bridge/br_netfilter.c diff | blob | history
net/ipv4/ip_options.c diff | blob | history
Linux Kernel Source Tree.