Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1754892AbdD1Wrr (ORCPT ); Fri, 28 Apr 2017 18:47:47 -0400 Received: from frisell.zx2c4.com ([192.95.5.64]:36439 "EHLO frisell.zx2c4.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S2997985AbdD1Wrh (ORCPT ); Fri, 28 Apr 2017 18:47:37 -0400 MIME-Version: 1.0 In-Reply-To: <20170428161840.GA30423@bistromath.localdomain> References: <20170425155215.4835-1-Jason@zx2c4.com> <20170425184734.26563-1-Jason@zx2c4.com> <20170428161840.GA30423@bistromath.localdomain> From: "Jason A. Donenfeld" Date: Sat, 29 Apr 2017 00:47:30 +0200 X-Gmail-Original-Message-ID: Message-ID: Subject: Re: [PATCH v6 1/5] skbuff: return -EMSGSIZE in skb_to_sgvec to prevent overflow To: Sabrina Dubroca Cc: Netdev , LKML , David Laight , kernel-hardening@lists.openwall.com, David Miller Content-Type: text/plain; charset=UTF-8 Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Length: 998 Lines: 20 Hi Sabrina, On Fri, Apr 28, 2017 at 6:18 PM, Sabrina Dubroca wrote: > One small thing here: since you're touching this comment, could you > move it next to skb_to_sgvec, since that's the function it's supposed > to document? Done. I'll wait until next week to resubmit, to give some more time for comments, but my current living copy of this series is here: https://git.zx2c4.com/linux-dev/log/?h=jd/safe-skb-vec One thing I'm considering, after discussing with David Laight, is the potential of just using an explicit stack array for pushing and popping skbs, rather than using the call stack. While this increases complexity, which I'm opposed to, David makes the point that on some architectures, the stack frame is rather large, and 32 function calls of recursion might not be a good idea. Any opinons on this? Overkill and simplicity is preferred? Or in fact best practice? (Either way, I'll do a trial implementation of it to get an idea of how the end result feels.)