lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-ID: <CAEEmuwRetasGa99PuXAjX5kf1YfJuX442vecyPyH8oU0E_-6iQ@mail.gmail.com>
Date:	Thu, 21 Aug 2014 16:49:22 -0600
From:	Tony Sok <suokunjinxing@...il.com>
To:	linux-kernel@...r.kernel.org
Subject: question about skb headers repeat changes when receiving a package in linux

Hi,

Right now I am researching on linux protocol stack:

Before a skb is transferring from L2(ethernet layer) to L3(IP layer),
function __netif_receive_skb_core will be called and skb->data pointer
will point to L3 header in this function like below:

static int __netif_receive_skb_core(struct sk_buff *skb, bool pfmemalloc)
{
    ...
    //modify the L2 header, skb->data pointer will point to L3 header
    skb_reset_network_header(skb);
    if (!skb_transport_header_was_set(skb))
        skb_reset_transport_header(skb);
    skb_reset_mac_len(skb);

    ...
    //VLan related code
    //Bridge related code
    //IP protocol related code
    ...
}


When the network device is a network bridge, bridge related code will
be executed. And function call relationship will be like this:
br_handle_frame --> br_handle_frame_finish --> br_forward -->
__br_forward --> br_forward_finish --> br_dev_queue_push_xmit

In br_dev_queue_push_xmit, the skb->data pointer will be restored to
L2 header by skb_push(skb, ETH_HLEN) like the code below:

int br_dev_queue_push_xmit(struct sk_buff *skb)
{
    /* drop mtu oversized packets except gso */
    if (packet_length(skb) > skb->dev->mtu && !skb_is_gso(skb))
        kfree_skb(skb);
    else {
         /* ip_fragment doesn't copy the MAC header */
         if (nf_bridge_maybe_copy_header(skb))
             kfree_skb(skb);
         else {
             skb_push(skb, ETH_HLEN);
             dev_queue_xmit(skb);
         }
    }

    return 0;
}


After another network device received this skb and transferred it into
L3 layer, the skb->data will be adjusted once again and pointed to IP
header.

My question is, why the skb header need to be adjusted so repeatedly?
Can the bridge send modified skb(e.g. skb->data pointed to IP layer,
not the original one) to another network device so they did not need
to do the repeated work?

Thank you very much for answering my question.
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ