[PATCH] GRE: Use IS_ERR_OR_NULL in gre_gso_segment

[PATCH] GRE: Use IS_ERR_OR_NULL in gre_gso_segment

[Simon Horman]

Signed-off-by: Simon Horman <horms@verge.net.au>
---
 net/ipv4/gre.c |    2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/net/ipv4/gre.c b/net/ipv4/gre.c
index d2d5a99..0ae998b 100644
--- a/net/ipv4/gre.c
+++ b/net/ipv4/gre.c
@@ -168,7 +168,7 @@ static struct sk_buff *gre_gso_segment(struct sk_buff *skb,
 	/* segment inner packet. */
 	enc_features = skb->dev->hw_enc_features & netif_skb_features(skb);
 	segs = skb_mac_gso_segment(skb, enc_features);
-	if (!segs || IS_ERR(segs))
+	if (IS_ERR_OR_NULL(segs))
 		goto out;
 
 	skb = segs;
-- 
1.7.10.4

Re: [PATCH] GRE: Use IS_ERR_OR_NULL in gre_gso_segment

[Eric Dumazet]

On Fri, 2013-04-19 at 15:48 +0900, Simon Horman wrote:
> Signed-off-by: Simon Horman <horms@verge.net.au>
> ---
>  net/ipv4/gre.c |    2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
> 
> diff --git a/net/ipv4/gre.c b/net/ipv4/gre.c
> index d2d5a99..0ae998b 100644
> --- a/net/ipv4/gre.c
> +++ b/net/ipv4/gre.c
> @@ -168,7 +168,7 @@ static struct sk_buff *gre_gso_segment(struct sk_buff *skb,
>  	/* segment inner packet. */
>  	enc_features = skb->dev->hw_enc_features & netif_skb_features(skb);
>  	segs = skb_mac_gso_segment(skb, enc_features);
> -	if (!segs || IS_ERR(segs))
> +	if (IS_ERR_OR_NULL(segs))
>  		goto out;
>  
>  	skb = segs;

Hi Simon

AFAIK I would change things so that NULL is not a possible value.

I don't really like IS_ERR_OR_NULL() because it hides some lazyness of
ours, and is more expensive (2 tests)

If we return NULL for an error, why not instead return -Esomething,
since caller is OK to get -ENOMEM,-Exxxxx,... ?

Anyway I presume this is a net-next patch ?

Thanks

Re: [PATCH] GRE: Use IS_ERR_OR_NULL in gre_gso_segment

[David Miller]

From: Eric Dumazet <eric.dumazet@gmail.com>
Date: Fri, 19 Apr 2013 03:24:33 -0700

> On Fri, 2013-04-19 at 15:48 +0900, Simon Horman wrote:
>> Signed-off-by: Simon Horman <horms@verge.net.au>
>> ---
>>  net/ipv4/gre.c |    2 +-
>>  1 file changed, 1 insertion(+), 1 deletion(-)
>> 
>> diff --git a/net/ipv4/gre.c b/net/ipv4/gre.c
>> index d2d5a99..0ae998b 100644
>> --- a/net/ipv4/gre.c
>> +++ b/net/ipv4/gre.c
>> @@ -168,7 +168,7 @@ static struct sk_buff *gre_gso_segment(struct sk_buff *skb,
>>  	/* segment inner packet. */
>>  	enc_features = skb->dev->hw_enc_features & netif_skb_features(skb);
>>  	segs = skb_mac_gso_segment(skb, enc_features);
>> -	if (!segs || IS_ERR(segs))
>> +	if (IS_ERR_OR_NULL(segs))
>>  		goto out;
>>  
>>  	skb = segs;
> 
> Hi Simon
> 
> AFAIK I would change things so that NULL is not a possible value.
> 
> I don't really like IS_ERR_OR_NULL() because it hides some lazyness of
> ours, and is more expensive (2 tests)
> 
> If we return NULL for an error, why not instead return -Esomething,
> since caller is OK to get -ENOMEM,-Exxxxx,... ?

Sometimes IS_ERR_OR_NULL is appropriate, but not here, since the caller
can more easily just provide good error codes all the time instead of
sometimes returning nULL.

Re: [PATCH] GRE: Use IS_ERR_OR_NULL in gre_gso_segment

[Simon Horman]

On Fri, Apr 19, 2013 at 02:28:52PM -0400, David Miller wrote:
> From: Eric Dumazet <eric.dumazet@gmail.com>
> Date: Fri, 19 Apr 2013 03:24:33 -0700
> 
> > On Fri, 2013-04-19 at 15:48 +0900, Simon Horman wrote:
> >> Signed-off-by: Simon Horman <horms@verge.net.au>
> >> ---
> >>  net/ipv4/gre.c |    2 +-
> >>  1 file changed, 1 insertion(+), 1 deletion(-)
> >> 
> >> diff --git a/net/ipv4/gre.c b/net/ipv4/gre.c
> >> index d2d5a99..0ae998b 100644
> >> --- a/net/ipv4/gre.c
> >> +++ b/net/ipv4/gre.c
> >> @@ -168,7 +168,7 @@ static struct sk_buff *gre_gso_segment(struct sk_buff *skb,
> >>  	/* segment inner packet. */
> >>  	enc_features = skb->dev->hw_enc_features & netif_skb_features(skb);
> >>  	segs = skb_mac_gso_segment(skb, enc_features);
> >> -	if (!segs || IS_ERR(segs))
> >> +	if (IS_ERR_OR_NULL(segs))
> >>  		goto out;
> >>  
> >>  	skb = segs;
> > 
> > Hi Simon
> > 
> > AFAIK I would change things so that NULL is not a possible value.
> > 
> > I don't really like IS_ERR_OR_NULL() because it hides some lazyness of
> > ours, and is more expensive (2 tests)
> > 
> > If we return NULL for an error, why not instead return -Esomething,
> > since caller is OK to get -ENOMEM,-Exxxxx,... ?
> 
> Sometimes IS_ERR_OR_NULL is appropriate, but not here, since the caller
> can more easily just provide good error codes all the time instead of
> sometimes returning nULL.

I am confused.

I'm not sure that my change actually alters the logic at all.
Is the suggestion that the logic should be changed somehow?

Re: [PATCH] GRE: Use IS_ERR_OR_NULL in gre_gso_segment

[David Miller]

From: Simon Horman <horms@verge.net.au>
Date: Mon, 22 Apr 2013 10:35:57 +0900

> On Fri, Apr 19, 2013 at 02:28:52PM -0400, David Miller wrote:
>> From: Eric Dumazet <eric.dumazet@gmail.com>
>> Date: Fri, 19 Apr 2013 03:24:33 -0700
>> 
>> > On Fri, 2013-04-19 at 15:48 +0900, Simon Horman wrote:
>> >> Signed-off-by: Simon Horman <horms@verge.net.au>
>> >> ---
>> >>  net/ipv4/gre.c |    2 +-
>> >>  1 file changed, 1 insertion(+), 1 deletion(-)
>> >> 
>> >> diff --git a/net/ipv4/gre.c b/net/ipv4/gre.c
>> >> index d2d5a99..0ae998b 100644
>> >> --- a/net/ipv4/gre.c
>> >> +++ b/net/ipv4/gre.c
>> >> @@ -168,7 +168,7 @@ static struct sk_buff *gre_gso_segment(struct sk_buff *skb,
>> >>  	/* segment inner packet. */
>> >>  	enc_features = skb->dev->hw_enc_features & netif_skb_features(skb);
>> >>  	segs = skb_mac_gso_segment(skb, enc_features);
>> >> -	if (!segs || IS_ERR(segs))
>> >> +	if (IS_ERR_OR_NULL(segs))
>> >>  		goto out;
>> >>  
>> >>  	skb = segs;
>> > 
>> > Hi Simon
>> > 
>> > AFAIK I would change things so that NULL is not a possible value.
>> > 
>> > I don't really like IS_ERR_OR_NULL() because it hides some lazyness of
>> > ours, and is more expensive (2 tests)
>> > 
>> > If we return NULL for an error, why not instead return -Esomething,
>> > since caller is OK to get -ENOMEM,-Exxxxx,... ?
>> 
>> Sometimes IS_ERR_OR_NULL is appropriate, but not here, since the caller
>> can more easily just provide good error codes all the time instead of
>> sometimes returning nULL.
> 
> I am confused.
> 
> I'm not sure that my change actually alters the logic at all.
> Is the suggestion that the logic should be changed somehow?

We're saying change skb_mac_gso_segment() to never return NULL, and
always an error encoded pointer, rather than change the callers.

Re: [PATCH] GRE: Use IS_ERR_OR_NULL in gre_gso_segment

[Simon Horman]

On Sun, Apr 21, 2013 at 09:44:33PM -0400, David Miller wrote:
> From: Simon Horman <horms@verge.net.au>
> Date: Mon, 22 Apr 2013 10:35:57 +0900
> 
> > On Fri, Apr 19, 2013 at 02:28:52PM -0400, David Miller wrote:
> >> From: Eric Dumazet <eric.dumazet@gmail.com>
> >> Date: Fri, 19 Apr 2013 03:24:33 -0700
> >> 
> >> > On Fri, 2013-04-19 at 15:48 +0900, Simon Horman wrote:
> >> >> Signed-off-by: Simon Horman <horms@verge.net.au>
> >> >> ---
> >> >>  net/ipv4/gre.c |    2 +-
> >> >>  1 file changed, 1 insertion(+), 1 deletion(-)
> >> >> 
> >> >> diff --git a/net/ipv4/gre.c b/net/ipv4/gre.c
> >> >> index d2d5a99..0ae998b 100644
> >> >> --- a/net/ipv4/gre.c
> >> >> +++ b/net/ipv4/gre.c
> >> >> @@ -168,7 +168,7 @@ static struct sk_buff *gre_gso_segment(struct sk_buff *skb,
> >> >>  	/* segment inner packet. */
> >> >>  	enc_features = skb->dev->hw_enc_features & netif_skb_features(skb);
> >> >>  	segs = skb_mac_gso_segment(skb, enc_features);
> >> >> -	if (!segs || IS_ERR(segs))
> >> >> +	if (IS_ERR_OR_NULL(segs))
> >> >>  		goto out;
> >> >>  
> >> >>  	skb = segs;
> >> > 
> >> > Hi Simon
> >> > 
> >> > AFAIK I would change things so that NULL is not a possible value.
> >> > 
> >> > I don't really like IS_ERR_OR_NULL() because it hides some lazyness of
> >> > ours, and is more expensive (2 tests)
> >> > 
> >> > If we return NULL for an error, why not instead return -Esomething,
> >> > since caller is OK to get -ENOMEM,-Exxxxx,... ?
> >> 
> >> Sometimes IS_ERR_OR_NULL is appropriate, but not here, since the caller
> >> can more easily just provide good error codes all the time instead of
> >> sometimes returning nULL.
> > 
> > I am confused.
> > 
> > I'm not sure that my change actually alters the logic at all.
> > Is the suggestion that the logic should be changed somehow?
> 
> We're saying change skb_mac_gso_segment() to never return NULL, and
> always an error encoded pointer, rather than change the callers.

Thanks, I understand now.

Re: [PATCH] GRE: Use IS_ERR_OR_NULL in gre_gso_segment

[Simon Horman]

[ CC Herbert ]

On Mon, Apr 22, 2013 at 11:13:41AM +0900, Simon Horman wrote:
> On Sun, Apr 21, 2013 at 09:44:33PM -0400, David Miller wrote:
> > From: Simon Horman <horms@verge.net.au>
> > Date: Mon, 22 Apr 2013 10:35:57 +0900
> > 
> > > On Fri, Apr 19, 2013 at 02:28:52PM -0400, David Miller wrote:
> > >> From: Eric Dumazet <eric.dumazet@gmail.com>
> > >> Date: Fri, 19 Apr 2013 03:24:33 -0700
> > >> 
> > >> > On Fri, 2013-04-19 at 15:48 +0900, Simon Horman wrote:
> > >> >> Signed-off-by: Simon Horman <horms@verge.net.au>
> > >> >> ---
> > >> >>  net/ipv4/gre.c |    2 +-
> > >> >>  1 file changed, 1 insertion(+), 1 deletion(-)
> > >> >> 
> > >> >> diff --git a/net/ipv4/gre.c b/net/ipv4/gre.c
> > >> >> index d2d5a99..0ae998b 100644
> > >> >> --- a/net/ipv4/gre.c
> > >> >> +++ b/net/ipv4/gre.c
> > >> >> @@ -168,7 +168,7 @@ static struct sk_buff *gre_gso_segment(struct sk_buff *skb,
> > >> >>  	/* segment inner packet. */
> > >> >>  	enc_features = skb->dev->hw_enc_features & netif_skb_features(skb);
> > >> >>  	segs = skb_mac_gso_segment(skb, enc_features);
> > >> >> -	if (!segs || IS_ERR(segs))
> > >> >> +	if (IS_ERR_OR_NULL(segs))
> > >> >>  		goto out;
> > >> >>  
> > >> >>  	skb = segs;
> > >> > 
> > >> > Hi Simon
> > >> > 
> > >> > AFAIK I would change things so that NULL is not a possible value.
> > >> > 
> > >> > I don't really like IS_ERR_OR_NULL() because it hides some lazyness of
> > >> > ours, and is more expensive (2 tests)
> > >> > 
> > >> > If we return NULL for an error, why not instead return -Esomething,
> > >> > since caller is OK to get -ENOMEM,-Exxxxx,... ?
> > >> 
> > >> Sometimes IS_ERR_OR_NULL is appropriate, but not here, since the caller
> > >> can more easily just provide good error codes all the time instead of
> > >> sometimes returning nULL.
> > > 
> > > I am confused.
> > > 
> > > I'm not sure that my change actually alters the logic at all.
> > > Is the suggestion that the logic should be changed somehow?
> > 
> > We're saying change skb_mac_gso_segment() to never return NULL, and
> > always an error encoded pointer, rather than change the callers.
> 
> Thanks, I understand now.

I have looked into this and it seems that the returning
NULL was introduced by Herbert in 576a30eb6453439b3c37ba24455ac7090c247b5a
("Added GSO header verification").

And it seems that only dev_gso_segment() relies on this behaviour.

One option I can think of is to choose an error value to return
instead of NULL for the case of verifying header integrity.


As things stand the following seem suspicious as it seems
that a NULL value could be dereferenced.

1. Use of return value of call to __skb_gso_segment() in
   net/openvswitch/datapath.c:queue_gso_packets().
2. Use of return value of call to skb_gso_segment() in:
   drivers/net/ethernet/broadcom/tg3.c:tg3_tso_bug() <- I guess this is
                                                        never dodgy and thus ok
   net/netfilter/nf_queue.c:nf_queue()
   net/xfrm/xfrm_output.c:xfrm_output_gso()

Re: [PATCH] GRE: Use IS_ERR_OR_NULL in gre_gso_segment

[Jesse Gross]

On Tue, Apr 23, 2013 at 12:50 AM, Simon Horman <horms@verge.net.au> wrote:
> [ CC Herbert ]
>
> On Mon, Apr 22, 2013 at 11:13:41AM +0900, Simon Horman wrote:
>> On Sun, Apr 21, 2013 at 09:44:33PM -0400, David Miller wrote:
>> > From: Simon Horman <horms@verge.net.au>
>> > Date: Mon, 22 Apr 2013 10:35:57 +0900
>> >
>> > > On Fri, Apr 19, 2013 at 02:28:52PM -0400, David Miller wrote:
>> > >> From: Eric Dumazet <eric.dumazet@gmail.com>
>> > >> Date: Fri, 19 Apr 2013 03:24:33 -0700
>> > >>
>> > >> > On Fri, 2013-04-19 at 15:48 +0900, Simon Horman wrote:
>> > >> >> Signed-off-by: Simon Horman <horms@verge.net.au>
>> > >> >> ---
>> > >> >>  net/ipv4/gre.c |    2 +-
>> > >> >>  1 file changed, 1 insertion(+), 1 deletion(-)
>> > >> >>
>> > >> >> diff --git a/net/ipv4/gre.c b/net/ipv4/gre.c
>> > >> >> index d2d5a99..0ae998b 100644
>> > >> >> --- a/net/ipv4/gre.c
>> > >> >> +++ b/net/ipv4/gre.c
>> > >> >> @@ -168,7 +168,7 @@ static struct sk_buff *gre_gso_segment(struct sk_buff *skb,
>> > >> >>       /* segment inner packet. */
>> > >> >>       enc_features = skb->dev->hw_enc_features & netif_skb_features(skb);
>> > >> >>       segs = skb_mac_gso_segment(skb, enc_features);
>> > >> >> -     if (!segs || IS_ERR(segs))
>> > >> >> +     if (IS_ERR_OR_NULL(segs))
>> > >> >>               goto out;
>> > >> >>
>> > >> >>       skb = segs;
>> > >> >
>> > >> > Hi Simon
>> > >> >
>> > >> > AFAIK I would change things so that NULL is not a possible value.
>> > >> >
>> > >> > I don't really like IS_ERR_OR_NULL() because it hides some lazyness of
>> > >> > ours, and is more expensive (2 tests)
>> > >> >
>> > >> > If we return NULL for an error, why not instead return -Esomething,
>> > >> > since caller is OK to get -ENOMEM,-Exxxxx,... ?
>> > >>
>> > >> Sometimes IS_ERR_OR_NULL is appropriate, but not here, since the caller
>> > >> can more easily just provide good error codes all the time instead of
>> > >> sometimes returning nULL.
>> > >
>> > > I am confused.
>> > >
>> > > I'm not sure that my change actually alters the logic at all.
>> > > Is the suggestion that the logic should be changed somehow?
>> >
>> > We're saying change skb_mac_gso_segment() to never return NULL, and
>> > always an error encoded pointer, rather than change the callers.
>>
>> Thanks, I understand now.
>
> I have looked into this and it seems that the returning
> NULL was introduced by Herbert in 576a30eb6453439b3c37ba24455ac7090c247b5a
> ("Added GSO header verification").
>
> And it seems that only dev_gso_segment() relies on this behaviour.
>
> One option I can think of is to choose an error value to return
> instead of NULL for the case of verifying header integrity.
>
>
> As things stand the following seem suspicious as it seems
> that a NULL value could be dereferenced.
>
> 1. Use of return value of call to __skb_gso_segment() in
>    net/openvswitch/datapath.c:queue_gso_packets().

I don't think this is actually a problem since there is a check for
skb_is_gso() earlier in the code path and no GSO types are supported
in the call to __skb_gso_segment(). However, I can't say that I'm a
big fan of this function possibly returning NULL since it makes it
unnecessarily difficult to reason about.

Re: [PATCH] GRE: Use IS_ERR_OR_NULL in gre_gso_segment

[Herbert Xu]

On Tue, Apr 23, 2013 at 01:47:34PM -0700, Jesse Gross wrote:
> On Tue, Apr 23, 2013 at 12:50 AM, Simon Horman <horms@verge.net.au> wrote:
> > [ CC Herbert ]
> >
> > On Mon, Apr 22, 2013 at 11:13:41AM +0900, Simon Horman wrote:
> >> On Sun, Apr 21, 2013 at 09:44:33PM -0400, David Miller wrote:
> >> > From: Simon Horman <horms@verge.net.au>
> >> > Date: Mon, 22 Apr 2013 10:35:57 +0900
> >> >
> >> > > On Fri, Apr 19, 2013 at 02:28:52PM -0400, David Miller wrote:
> >> > >> From: Eric Dumazet <eric.dumazet@gmail.com>
> >> > >> Date: Fri, 19 Apr 2013 03:24:33 -0700
> >> > >>
> >> > >> > On Fri, 2013-04-19 at 15:48 +0900, Simon Horman wrote:
> >> > >> >> Signed-off-by: Simon Horman <horms@verge.net.au>
> >> > >> >> ---
> >> > >> >>  net/ipv4/gre.c |    2 +-
> >> > >> >>  1 file changed, 1 insertion(+), 1 deletion(-)
> >> > >> >>
> >> > >> >> diff --git a/net/ipv4/gre.c b/net/ipv4/gre.c
> >> > >> >> index d2d5a99..0ae998b 100644
> >> > >> >> --- a/net/ipv4/gre.c
> >> > >> >> +++ b/net/ipv4/gre.c
> >> > >> >> @@ -168,7 +168,7 @@ static struct sk_buff *gre_gso_segment(struct sk_buff *skb,
> >> > >> >>       /* segment inner packet. */
> >> > >> >>       enc_features = skb->dev->hw_enc_features & netif_skb_features(skb);
> >> > >> >>       segs = skb_mac_gso_segment(skb, enc_features);
> >> > >> >> -     if (!segs || IS_ERR(segs))
> >> > >> >> +     if (IS_ERR_OR_NULL(segs))
> >> > >> >>               goto out;
> >> > >> >>
> >> > >> >>       skb = segs;
>
> I don't think this is actually a problem since there is a check for
> skb_is_gso() earlier in the code path and no GSO types are supported
> in the call to __skb_gso_segment(). However, I can't say that I'm a
> big fan of this function possibly returning NULL since it makes it
> unnecessarily difficult to reason about.

Please refer to the description in the original changelog
(576a30eb6453439b3c37ba24455ac7090c247b5a).  The purpose of
the NULL return value is to indicate that we're processing a
packet that will be segmented by the hardware, i.e., the only
reason we're running the software GSO code on this packet is
to verify its integrity because it came from an untrusted source.

We can certainly get rid of the NULL return value and directly test
for the verification only case but I'm not sure if it's really worth
it.

Perhaps add an wrapper for the IS_ERR_OR_NULL with a descriptive
name?

Cheers,
-- 
Email: Herbert Xu <herbert@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

Re: [PATCH] GRE: Use IS_ERR_OR_NULL in gre_gso_segment

[David Miller]

From: Herbert Xu <herbert@gondor.apana.org.au>
Date: Thu, 25 Apr 2013 16:46:17 +0800

> Perhaps add an wrapper for the IS_ERR_OR_NULL with a descriptive
> name?

Or pick an error code for the case covered by NULL.

Re: [PATCH] GRE: Use IS_ERR_OR_NULL in gre_gso_segment

[Herbert Xu]

On Thu, Apr 25, 2013 at 05:01:57AM -0400, David Miller wrote:
> From: Herbert Xu <herbert@gondor.apana.org.au>
> Date: Thu, 25 Apr 2013 16:46:17 +0800
> 
> > Perhaps add an wrapper for the IS_ERR_OR_NULL with a descriptive
> > name?
> 
> Or pick an error code for the case covered by NULL.

Picking an error code may create a maintainence problem down the
track because the same error code could be reused by something
deeper down in the GSO stack.

Cheers,
-- 
Email: Herbert Xu <herbert@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

Re: [PATCH] GRE: Use IS_ERR_OR_NULL in gre_gso_segment

[Herbert Xu]

On Thu, Apr 25, 2013 at 05:03:46PM +0800, Herbert Xu wrote:
> On Thu, Apr 25, 2013 at 05:01:57AM -0400, David Miller wrote:
> > From: Herbert Xu <herbert@gondor.apana.org.au>
> > Date: Thu, 25 Apr 2013 16:46:17 +0800
> > 
> > > Perhaps add an wrapper for the IS_ERR_OR_NULL with a descriptive
> > > name?
> > 
> > Or pick an error code for the case covered by NULL.
> 
> Picking an error code may create a maintainence problem down the
> track because the same error code could be reused by something
> deeper down in the GSO stack.

In any case, returning an error in this case makes little sense
because when we return NULL it is precisely because the packet is
well-formed and ready for direct processing by the hardware which
will perform GSO instead of us.

The reason this dichotomy exists is because we've reused the
normal software GSO path to do header verification for hardware
GSO.

Cheers,
-- 
Email: Herbert Xu <herbert@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

Re: [PATCH] GRE: Use IS_ERR_OR_NULL in gre_gso_segment

[Eric Dumazet]

On Thu, 2013-04-25 at 17:11 +0800, Herbert Xu wrote:

> In any case, returning an error in this case makes little sense
> because when we return NULL it is precisely because the packet is
> well-formed and ready for direct processing by the hardware which
> will perform GSO instead of us.
> 
> The reason this dichotomy exists is because we've reused the
> normal software GSO path to do header verification for hardware
> GSO.
> 

OK, then current code is fine. Comments will save future 'cleanups'.

diff --git a/net/ipv4/gre.c b/net/ipv4/gre.c
index d2d5a99..ddf72eb 100644
--- a/net/ipv4/gre.c
+++ b/net/ipv4/gre.c
@@ -168,7 +168,11 @@ static struct sk_buff *gre_gso_segment(struct sk_buff *skb,
 	/* segment inner packet. */
 	enc_features = skb->dev->hw_enc_features & netif_skb_features(skb);
 	segs = skb_mac_gso_segment(skb, enc_features);
-	if (!segs || IS_ERR(segs))
+	/* if no segmentation is needed, we're done */
+	if (!segs)
+		goto out;
+	/* if an error happened during segmentation, we're done */
+	if (IS_ERR(segs))
 		goto out;
 
 	skb = segs;

Re: [PATCH] GRE: Use IS_ERR_OR_NULL in gre_gso_segment

[Herbert Xu]

On Thu, Apr 25, 2013 at 06:58:34AM -0700, Eric Dumazet wrote:
> On Thu, 2013-04-25 at 17:11 +0800, Herbert Xu wrote:
> 
> > In any case, returning an error in this case makes little sense
> > because when we return NULL it is precisely because the packet is
> > well-formed and ready for direct processing by the hardware which
> > will perform GSO instead of us.
> > 
> > The reason this dichotomy exists is because we've reused the
> > normal software GSO path to do header verification for hardware
> > GSO.
> > 
> 
> OK, then current code is fine. Comments will save future 'cleanups'.

Looks good to me.  Either this or add a wrapper so that the comments
don't get out-of-sync since this construct is used in multiple
places.

Thanks,
-- 
Email: Herbert Xu <herbert@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt