lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:   Mon, 7 Sep 2020 11:40:21 +0200
From:   Willem de Bruijn <>
To:     Xie He <>
Cc:     "David S. Miller" <>,
        Jakub Kicinski <>,
        John Ogness <>,
        Mao Wenan <>,
        Eric Dumazet <>,
        Or Cohen <>,
        Arnd Bergmann <>,
        Network Development <>,
        linux-kernel <>,
        Willem de Bruijn <>,
        Eric Dumazet <>,
        Brian Norris <>,
        Cong Wang <>
Subject: Re: [PATCH net] net/packet: Fix a comment about hard_header_len and
 headroom allocation

On Sun, Sep 6, 2020 at 5:18 AM Xie He <> wrote:
> This comment is outdated and no longer reflects the actual implementation
> of af_packet.c.

If it was previously true, can you point to a commit that changes the behavior?

> Reasons for the new comment:
> 1.
> In this file, the function packet_snd first reserves a headroom of
> length (dev->hard_header_len + dev->needed_headroom).
> Then if the socket is a SOCK_DGRAM socket, it calls dev_hard_header,
> which calls dev->header_ops->create, to create the link layer header.
> If the socket is a SOCK_RAW socket, it "un-reserves" a headroom of
> length (dev->hard_header_len), and checks if the user has provided a
> header of length (dev->hard_header_len) (in dev_validate_header).

Not entirely, a header greater than dev->min_header_len that passes

> This shows the developers of af_packet.c expect hard_header_len to
> be consistent with header_ops.
> 2.
> In this file, the function packet_sendmsg_spkt has a FIXME comment.
> That comment states that prepending an LL header internally in a driver
> is considered a bug. I believe this bug can be fixed by setting
> hard_header_len to 0, making the internal header completely invisible
> to af_packet.c (and requesting the headroom in needed_headroom instead).


> 3.
> There is a commit for a WiFi driver:
> commit 9454f7a895b8 ("mwifiex: set needed_headroom, not hard_header_len")
> According to the discussion about it at:
> The author tried to set the WiFi driver's hard_header_len to the Ethernet
> header length, and request additional header space internally needed by
> setting needed_headroom. This means this usage is already adopted by
> driver developers.
> Cc: Willem de Bruijn <>
> Cc: Eric Dumazet <>
> Cc: Brian Norris <>
> Cc: Cong Wang <>
> Signed-off-by: Xie He <>
> ---
>  net/packet/af_packet.c | 15 +++++++++------
>  1 file changed, 9 insertions(+), 6 deletions(-)
> diff --git a/net/packet/af_packet.c b/net/packet/af_packet.c
> index 2b33e977a905..c808c76efa71 100644
> --- a/net/packet/af_packet.c
> +++ b/net/packet/af_packet.c
> @@ -93,12 +93,15 @@
>  /*
>     Assumptions:
> -   - if device has no dev->hard_header routine, it adds and removes ll header
> -     inside itself. In this case ll header is invisible outside of device,
> -     but higher levels still should reserve dev->hard_header_len.
> -     Some devices are enough clever to reallocate skb, when header
> -     will not fit to reserved space (tunnel), another ones are silly
> -     (PPP).
> +   - If the device has no dev->header_ops, there is no LL header visible
> +     outside of the device. In this case, its hard_header_len should be 0.

Such a constraint is more robustly captured with a compile time
BUILD_BUG_ON check. Please do add a comment that summarizes why the
invariant holds.

More about the older comment, but if reusing: it's not entirely clear
to me what "outside of the device" means. The upper layers that
receive data from the device and send data to it, including
packet_snd, I suppose? Not the lower layers, clearly. Maybe that can
be more specific.

> +     The device may prepend its own header internally. In this case, its
> +     needed_headroom should be set to the space needed for it to add its
> +     internal header.
> +     For example, a WiFi driver pretending to be an Ethernet driver should
> +     set its hard_header_len to be the Ethernet header length, and set its
> +     needed_headroom to be (the real WiFi header length - the fake Ethernet
> +     header length).
>     - packet socket receives packets with pulled ll header,
>       so that SOCK_RAW should push it back.
> --
> 2.25.1

Powered by blists - more mailing lists