From: Vasiliy Kulikov <segooon@gmail.com>
To: Greg Kroah-Hartman <gregkh@suse.de>, Andrew Lunn <andrew@lunn.ch>,
Sven Eckelmann <sven.eckelmann@gmx.de>,
Marek Lindner <lindner_marek@yahoo.de>,
Simon Wunderlich <siwu@hrz.tu-chemnitz.de>,
devel@driverdev.osuosl.org, linux-kernel@vger.kernel.org
Subject: batman-adv: design suggestions
Date: Tue, 10 Aug 2010 00:34:03 +0400 [thread overview]
Message-ID: <20100809203403.GA16183@albatros> (raw)
Hi folks,
I was reading batman-adv sources and noted:
1) Some incoming packets may cause a storm of error logs, such as at
routing.c:862
if (icmp_packet->msg_type != ECHO_REQUEST) {
pr_warning("Warning - can't forward icmp packet from %pM to "
"%pM: ttl exceeded\n", icmp_packet->orig,
icmp_packet->dst);
Any flooding bad guy is able to fill our disks with logs.
This should be logged only at some slow rate (e.g. 5 logs/sec) or as
pr_debug().
2) It seems to me that NF_HOOK() at hard-interface.c:458 is misused:
...
ret = NF_HOOK(PF_BRIDGE, NF_BR_LOCAL_IN, skb, dev, NULL,
batman_skb_recv_finish);
if (ret != 1)
goto err_out;
/* packet should hold at least type and version */
if (unlikely(skb_headlen(skb) < 2))
goto err_free;
/* expect a valid ethernet header here. */
if (unlikely(skb->mac_len != sizeof(struct ethhdr)
|| !skb_mac_header(skb)))
goto err_free;
...
static int batman_skb_recv_finish(struct sk_buff *skb)
{
return NF_ACCEPT;
}
As I understand, if there is any hook that returns NF_STOLEN, then skb
is leaked.
Thanks,
Vasiliy.
next reply other threads:[~2010-08-09 20:34 UTC|newest]
Thread overview: 10+ messages / expand[flat|nested] mbox.gz Atom feed top
2010-08-09 20:34 Vasiliy Kulikov [this message]
2010-08-09 20:53 ` batman-adv: design suggestions Sven Eckelmann
2010-08-12 12:48 ` Vasiliy Kulikov
2010-08-14 14:50 ` Marek Lindner
2010-08-14 16:19 ` Vasiliy Kulikov
2010-08-14 17:10 ` Marek Lindner
2010-08-13 18:18 ` Vasiliy Kulikov
2010-08-13 23:25 ` Sven Eckelmann
2010-08-14 14:59 ` Marek Lindner
2010-08-14 16:13 ` Vasiliy Kulikov
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20100809203403.GA16183@albatros \
--to=segooon@gmail.com \
--cc=andrew@lunn.ch \
--cc=devel@driverdev.osuosl.org \
--cc=gregkh@suse.de \
--cc=lindner_marek@yahoo.de \
--cc=linux-kernel@vger.kernel.org \
--cc=siwu@hrz.tu-chemnitz.de \
--cc=sven.eckelmann@gmx.de \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.