lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Date:   Fri, 6 May 2022 01:06:20 +0300
From:   "Wille Kuutti" <wille.kuutti@...tti.com>
To:     "'Alexei Starovoitov'" <ast@...nel.org>,
        "'Daniel Borkmann'" <daniel@...earbox.net>,
        "'Andrii Nakryiko'" <andrii@...nel.org>,
        "'Martin KaFai Lau'" <kafai@...com>,
        "'Song Liu'" <songliubraving@...com>,
        "'Yonghong Song'" <yhs@...com>,
        "'John Fastabend'" <john.fastabend@...il.com>,
        "'KP Singh'" <kpsingh@...nel.org>,
        "'David S. Miller'" <davem@...emloft.net>,
        "'Eric Dumazet'" <edumazet@...gle.com>,
        "'Jakub Kicinski'" <kuba@...nel.org>,
        "'Paolo Abeni'" <pabeni@...hat.com>, <netdev@...r.kernel.org>,
        <bpf@...r.kernel.org>, <linux-kernel@...r.kernel.org>
Subject: [PATCH] net/core: Make bpf_skb_adjust_room BPF helper available for packets with non IPv4 or IPv6 payload

Network traffic is not limited to only IPv4 and IPv6 protocols, but several
other L3 networking protocols are in common use in several
applications and deployment scenarios which also could utilize BPF. This
change enables the bpf_skb_adjust_room BPF helper to adjust the
room after the MAC header using BPF_ADJ_ROOM_MAC option for packets with any
L3 payload. For BPF_ADJ_ROOM_NET option only IPv4 and IPv6 are
still supported as each L3 protocol would need it's own logic to determine
the length of the L3 header to enable adjustment after the L3
headers.

Signed-off-by: Wille Kuutti <wille.kuutti@...tti.com>
---
net/core/filter.c | 5 +++--
1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/net/core/filter.c b/net/core/filter.c
index 64470a727ef7..c6790a763c9b 100644
--- a/net/core/filter.c
+++ b/net/core/filter.c
@@ -3362,7 +3362,7 @@ static u32 bpf_skb_net_base_len(const struct sk_buff
*skb)
        case htons(ETH_P_IPV6):
                return sizeof(struct ipv6hdr);
        default:
-               return ~0U;
+               return 0U;
        }
}

@@ -3582,7 +3582,8 @@ BPF_CALL_4(bpf_skb_adjust_room, struct sk_buff *, skb,
s32, len_diff,
        if (unlikely(len_diff_abs > 0xfffU))
                return -EFAULT;
        if (unlikely(proto != htons(ETH_P_IP) &&
-                    proto != htons(ETH_P_IPV6)))
+                       proto != htons(ETH_P_IPV6) &&
+                       mode != BPF_ADJ_ROOM_MAC))
                return -ENOTSUPP;

        off = skb_mac_header_len(skb);
--
2.32.0

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ