On Fri, 2017-02-03 at 18:20 -0500, Willem de Bruijn wrote: > From: Willem de Bruijn <will...@google.com> > > When IFF_VNET_HDR is enabled, a virtio_net header must precede data. > Data length is verified to be greater than or equal to expected header > length tun->vnet_hdr_sz before copying. > > Read this value once and cache locally, as it can be updated between > the test and use (TOCTOU). > > Signed-off-by: Willem de Bruijn <will...@google.com> > Reported-by: Dmitry Vyukov <dvyu...@google.com> > CC: Eric Dumazet <eduma...@google.com> > ---
Acked-by: Eric Dumazet <eduma...@google.com>
