| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 23 Nov 2022 17:38:25 +0100
From: Alexander Lobakin <alexandr.lobakin@...el.com>
To: Coco Li <lixiaoyan@...gle.com>
Cc: Alexander Lobakin <alexandr.lobakin@...el.com>,
"David S. Miller" <davem@...emloft.net>,
Hideaki YOSHIFUJI <yoshfuji@...ux-ipv6.org>,
David Ahern <dsahern@...nel.org>,
Eric Dumazet <edumazet@...gle.com>,
Jakub Kicinski <kuba@...nel.org>,
Paolo Abeni <pabeni@...hat.com>,
Michael Chan <michael.chan@...adcom.com>,
netdev@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH net-next 1/2] IPv6/GRO: generic helper to remove temporary HBH/jumbo header in driver
From: Coco Li <lixiaoyan@...gle.com>
Date: Tue, 22 Nov 2022 15:27:39 -0800
> IPv6/TCP and GRO stacks can build big TCP packets with an added
> temporary Hop By Hop header.
>
> Is GSO is not involved, then the temporary header needs to be removed in
> the driver. This patch provides a generic helper for drivers that need
> to modify their headers in place.
>
> Signed-off-by: Coco Li <lixiaoyan@...gle.com>
> ---
> include/net/ipv6.h | 33 +++++++++++++++++++++++++++++++++
> 1 file changed, 33 insertions(+)
>
> diff --git a/include/net/ipv6.h b/include/net/ipv6.h
> index d383c895592a..a11d58c85c05 100644
> --- a/include/net/ipv6.h
> +++ b/include/net/ipv6.h
> @@ -500,6 +500,39 @@ static inline int ipv6_has_hopopt_jumbo(const struct sk_buff *skb)
> return jhdr->nexthdr;
> }
>
> +/* Return 0 if HBH header is successfully removed
> + * Or if HBH removal is unnecessary (packet is not big TCP)
> + * Return error to indicate dropping the packet
> + */
> +static inline int ipv6_hopopt_jumbo_remove(struct sk_buff *skb)
> +{
> + const int hophdr_len = sizeof(struct hop_jumbo_hdr);
> + int nexthdr = ipv6_has_hopopt_jumbo(skb);
> + struct ipv6hdr *h6;
> +
> + if (!nexthdr)
> + return 0;
> +
> + if (skb_cow_head(skb, 0))
> + return -1;
err = skb_cow_head(skb, 0);
if (err)
return err;
Alternatively, if you want to keep it simple, make the function bool
and return false on `if (skb_cow_head(skb, 0)` and true otherwise.
> +
> + /* Remove the HBH header.
> + * Layout: [Ethernet header][IPv6 header][HBH][L4 Header]
> + */
> + memmove(skb->data + hophdr_len,
> + skb->data,
This can fit into the previous line.
> + ETH_HLEN + sizeof(struct ipv6hdr));
Not correct at this point. I assume you took the implementation from
ip6_offload.c[0], but ::gso_segment() and ::ndo_start_xmit() are two
different entry points. Here you may have not only Eth header, but
also VLAN, MPLS and whatnot.
Correct way would be:
memmove(skb_mac_header(skb) + hophdr_len, skb_mac_header(skb),
ipv6_hdr(skb) - skb_mac_header(skb) +
sizeof(struct ipv6hdr));
> +
> + skb->data += hophdr_len;
> + skb->len -= hophdr_len;
> + skb->network_header += hophdr_len;
skb->mac_header also needs to be adjusted, the fact that it's equal
to skb->data at the entry of ::ndo_start_xmit() doesn't mean
anything.
> +
> + h6 = ipv6_hdr(skb);
> + h6->nexthdr = nexthdr;
> +
> + return 0;
> +}
Please switch all the places where the same logics is used to your
new helper.
> +
> static inline bool ipv6_accept_ra(struct inet6_dev *idev)
> {
> /* If forwarding is enabled, RA are not accepted unless the special
> --
> 2.38.1.584.g0f3c55d4c2-goog
Thanks,
Olek
Powered by blists - more mailing lists