On Wed, Nov 28, 2018 at 7:00 AM Eric Dumazet <eduma...@google.com> wrote: > > Nice packet of death alert. > > pad_len can be 0xFFFFFF67 here, if frame_len is smaller than pad_offset.
Unless IP header is malformed, how could it be? Speaking of IP header sanity, I am totally aware of it, I don't check it because I know get_ip_proto() doesn't check either, it must be hardware which verifies the sanity. > > Really I suggest you set ip_summed to CHECKSUM_NONE, then remove the > initial test ( if (likely(frame_len > ETH_ZLEN)) ...) > > Until the firmware is fixed. Hmm, why setting to CHECKSUM_NONE could get rid of the minimum ethernet frame check? I am lost, there is no bug for packet > ETH_ZLEN _for me_, what needs to fix here? Overall, you keep pushing me to fix a bug I don't observe. I don't understand why. If you see it, please come up with your own patch? Why do I have to fix the problem you see?? > > Otherwise frames with a wrong checksum and some non zero padding could > potentially > be seen as correct frames. (Probability of 1/65536) > > Do not focus on your immediate problem (small packets being padded by > a non malicious entity) Again, why _I_ should fix a problem I never observe? Why is it not you who fix the problem you find during code review? No to mention I have no environment to test it even if I really want to fix. I can' take such a risk. Thanks.
