From: Alexey Kuznetsov <kuznet@ms2.inr.ac.ru>
To: Herbert Xu <herbert@gondor.apana.org.au>
Cc: Stephen Hemminger <shemminger@osdl.org>,
davem@davemloft.net, netdev@vger.kernel.org
Subject: Re: [PATCH] ip_route_input panic fix
Date: Wed, 19 Apr 2006 03:52:22 +0400 [thread overview]
Message-ID: <20060418235222.GA20504@ms2.inr.ac.ru> (raw)
In-Reply-To: <E1FVk6q-0000Tf-00@gondolin.me.apana.org.au>
Hello!
> Looking at this again, the root of this problem is the IGMPv3
> patch which started using the skb->nh.iph->protocol as a key.
No, root is that this fake skb was not properly initialized.
It should, it should be a good real IP skb.
> In fact I'm unsure as to whether all the other users of ip_route_input
> is safe as it is regarding the protocol.
ip_route_input takes skb as an argument exactly because it needs nothing
but skb and there is always an skb, when we "input".
ip_route_output would be happy to take an skb as well,
but unfortuntely it happens before we have an skb.
I do not see anything scary here: agree, when skb->nh happens to be undefined,
such skb would crash almost any place in IP stack. :-)
Actually, this weird case in inet_get_route() is the only place, where
a dummy skb is used and it is needed mostly to resolve multicast routes.
In this case this fake skb really passes through all the engine, even
delivered to user space in some sense, and when the route is resolved,
the same skb is submitted to netlink socket. I remember, Dave found
something very bad about this and this even deserved a place in TODO list,
but franky speaking I did not understand what is so wrong with this trick.
Alexey
next prev parent reply other threads:[~2006-04-18 23:52 UTC|newest]
Thread overview: 14+ messages / expand[flat|nested] mbox.gz Atom feed top
2006-04-18 0:12 [PATCH] ip_route_input panic fix Stephen Hemminger
2006-04-18 2:28 ` Herbert Xu
2006-04-18 2:49 ` Stephen Hemminger
2006-04-18 2:54 ` Herbert Xu
2006-04-18 5:45 ` David S. Miller
2006-04-18 6:54 ` Herbert Xu
2006-04-18 21:54 ` David S. Miller
2006-04-18 22:08 ` Herbert Xu
2006-04-18 23:52 ` Alexey Kuznetsov [this message]
2006-04-19 0:17 ` Herbert Xu
2006-04-19 3:53 ` David S. Miller
2006-04-19 9:46 ` Alexey Kuznetsov
-- strict thread matches above, loose matches on Subject: below --
2006-04-19 0:59 Alexey Kuznetsov
2006-04-19 1:00 Alexey Kuznetsov
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20060418235222.GA20504@ms2.inr.ac.ru \
--to=kuznet@ms2.inr.ac.ru \
--cc=davem@davemloft.net \
--cc=herbert@gondor.apana.org.au \
--cc=netdev@vger.kernel.org \
--cc=shemminger@osdl.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).