* [PATCH] skbuff: don't corrupt mac_header on skb expansion
@ 2009-06-17 22:17 Stephen Hemminger
2009-06-18 1:53 ` David Miller
2009-07-05 3:55 ` Herbert Xu
0 siblings, 2 replies; 4+ messages in thread
From: Stephen Hemminger @ 2009-06-17 22:17 UTC (permalink / raw)
To: Arnaldo Carvalho de Melo, David Miller; +Cc: netdev
The skb mac_header field is sometimes NULL (or ~0u) as a sentinel
value. The places where skb is expanded add an offset which would
change this flag into an invalid pointer (or offset).
Signed-off-by: Stephen Hemminger <shemminger@vyatta.com>
--- a/net/core/skbuff.c 2009-06-17 15:02:19.208725168 -0700
+++ b/net/core/skbuff.c 2009-06-17 15:04:50.139435754 -0700
@@ -657,7 +657,8 @@ static void copy_skb_header(struct sk_bu
/* {transport,network,mac}_header are relative to skb->head */
new->transport_header += offset;
new->network_header += offset;
- new->mac_header += offset;
+ if (skb_mac_header_was_set(new))
+ new->mac_header += offset;
#endif
skb_shinfo(new)->gso_size = skb_shinfo(old)->gso_size;
skb_shinfo(new)->gso_segs = skb_shinfo(old)->gso_segs;
@@ -839,7 +840,8 @@ int pskb_expand_head(struct sk_buff *skb
skb->tail += off;
skb->transport_header += off;
skb->network_header += off;
- skb->mac_header += off;
+ if (skb_mac_header_was_set(skb))
+ skb->mac_header += off;
skb->csum_start += nhead;
skb->cloned = 0;
skb->hdr_len = 0;
@@ -931,7 +933,8 @@ struct sk_buff *skb_copy_expand(const st
#ifdef NET_SKBUFF_DATA_USES_OFFSET
n->transport_header += off;
n->network_header += off;
- n->mac_header += off;
+ if (skb_mac_header_was_set(skb))
+ n->mac_header += off;
#endif
return n;
^ permalink raw reply [flat|nested] 4+ messages in thread* Re: [PATCH] skbuff: don't corrupt mac_header on skb expansion
2009-06-17 22:17 [PATCH] skbuff: don't corrupt mac_header on skb expansion Stephen Hemminger
@ 2009-06-18 1:53 ` David Miller
2009-07-05 3:55 ` Herbert Xu
1 sibling, 0 replies; 4+ messages in thread
From: David Miller @ 2009-06-18 1:53 UTC (permalink / raw)
To: shemminger; +Cc: acme, netdev
From: Stephen Hemminger <shemminger@vyatta.com>
Date: Wed, 17 Jun 2009 15:17:34 -0700
> The skb mac_header field is sometimes NULL (or ~0u) as a sentinel
> value. The places where skb is expanded add an offset which would
> change this flag into an invalid pointer (or offset).
>
> Signed-off-by: Stephen Hemminger <shemminger@vyatta.com>
Applied.
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: [PATCH] skbuff: don't corrupt mac_header on skb expansion
2009-06-17 22:17 [PATCH] skbuff: don't corrupt mac_header on skb expansion Stephen Hemminger
2009-06-18 1:53 ` David Miller
@ 2009-07-05 3:55 ` Herbert Xu
2009-07-06 18:23 ` Stephen Hemminger
1 sibling, 1 reply; 4+ messages in thread
From: Herbert Xu @ 2009-07-05 3:55 UTC (permalink / raw)
To: Stephen Hemminger; +Cc: acme, davem, netdev
Stephen Hemminger <shemminger@vyatta.com> wrote:
> The skb mac_header field is sometimes NULL (or ~0u) as a sentinel
> value. The places where skb is expanded add an offset which would
> change this flag into an invalid pointer (or offset).
>
> Signed-off-by: Stephen Hemminger <shemminger@vyatta.com>
What uses skb_mac_header_was_set apart from a debugging printk
in route.c and nfnetlink_log (which is also essentially a debugging
printk)?
This seems to be a bit much just to make a couple printks work?
What about using mac_len instead to figure out whether the MAC
header is there?
Cheers,
--
Visit Openswan at http://www.openswan.org/
Email: Herbert Xu ~{PmV>HI~} <herbert@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
^ permalink raw reply [flat|nested] 4+ messages in thread* Re: [PATCH] skbuff: don't corrupt mac_header on skb expansion
2009-07-05 3:55 ` Herbert Xu
@ 2009-07-06 18:23 ` Stephen Hemminger
0 siblings, 0 replies; 4+ messages in thread
From: Stephen Hemminger @ 2009-07-06 18:23 UTC (permalink / raw)
To: Herbert Xu; +Cc: acme, davem, netdev
On Sun, 5 Jul 2009 11:55:21 +0800
Herbert Xu <herbert@gondor.apana.org.au> wrote:
> Stephen Hemminger <shemminger@vyatta.com> wrote:
> > The skb mac_header field is sometimes NULL (or ~0u) as a sentinel
> > value. The places where skb is expanded add an offset which would
> > change this flag into an invalid pointer (or offset).
> >
> > Signed-off-by: Stephen Hemminger <shemminger@vyatta.com>
>
> What uses skb_mac_header_was_set apart from a debugging printk
> in route.c and nfnetlink_log (which is also essentially a debugging
> printk)?
>
> This seems to be a bit much just to make a couple printks work?
>
> What about using mac_len instead to figure out whether the MAC
> header is there?
>
> Cheers,
No worries, either way works, I was just trying to keep acme's original code
--
^ permalink raw reply [flat|nested] 4+ messages in thread
end of thread, other threads:[~2009-07-06 18:23 UTC | newest]
Thread overview: 4+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2009-06-17 22:17 [PATCH] skbuff: don't corrupt mac_header on skb expansion Stephen Hemminger
2009-06-18 1:53 ` David Miller
2009-07-05 3:55 ` Herbert Xu
2009-07-06 18:23 ` Stephen Hemminger
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).