* [PATCH net-next 1/3] net: core: let skb_partial_csum_set() set transport header
@ 2013-03-27 9:11 Jason Wang
2013-03-27 9:11 ` [PATCH net-next 2/3] net: core: introduce skb_probe_transport_header() Jason Wang
` (2 more replies)
0 siblings, 3 replies; 9+ messages in thread
From: Jason Wang @ 2013-03-27 9:11 UTC (permalink / raw)
To: davem, netdev, linux-kernel; +Cc: mst, Jason Wang, Eric Dumazet
For untrusted packets with partial checksum, we need to set the transport header
for precise packet length estimation. We can just let skb_pratial_csum_set() to
do this to avoid extra call to skb_flow_dissect() and simplify the caller.
Cc: Eric Dumazet <edumazet@google.com>
Signed-off-by: Jason Wang <jasowang@redhat.com>
---
net/core/skbuff.c | 1 +
1 files changed, 1 insertions(+), 0 deletions(-)
diff --git a/net/core/skbuff.c b/net/core/skbuff.c
index 31c6737..ba64614 100644
--- a/net/core/skbuff.c
+++ b/net/core/skbuff.c
@@ -3370,6 +3370,7 @@ bool skb_partial_csum_set(struct sk_buff *skb, u16 start, u16 off)
skb->ip_summed = CHECKSUM_PARTIAL;
skb->csum_start = skb_headroom(skb) + start;
skb->csum_offset = off;
+ skb_set_transport_header(skb, start);
return true;
}
EXPORT_SYMBOL_GPL(skb_partial_csum_set);
--
1.7.1
^ permalink raw reply related [flat|nested] 9+ messages in thread
* [PATCH net-next 2/3] net: core: introduce skb_probe_transport_header()
2013-03-27 9:11 [PATCH net-next 1/3] net: core: let skb_partial_csum_set() set transport header Jason Wang
@ 2013-03-27 9:11 ` Jason Wang
2013-03-27 14:45 ` Eric Dumazet
2013-03-27 9:11 ` [PATCH net-next 3/3] net: switch to use skb_probe_transport_header() Jason Wang
2013-03-27 14:42 ` [PATCH net-next 1/3] net: core: let skb_partial_csum_set() set transport header Eric Dumazet
2 siblings, 1 reply; 9+ messages in thread
From: Jason Wang @ 2013-03-27 9:11 UTC (permalink / raw)
To: davem, netdev, linux-kernel; +Cc: mst, Jason Wang, Eric Dumazet
Sometimes, we need probe and set the transport header for packets (e.g from
untrusted source). This patch introduces a new helper
skb_probe_transport_header() which tries to probe and set the l4 header through
skb_flow_dissect(), if not just set the transport header to the hint passed by
caller.
Cc: Eric Dumazet <edumazet@google.com>
Signed-off-by: Jason Wang <jasowang@redhat.com>
---
include/linux/skbuff.h | 14 ++++++++++++++
1 files changed, 14 insertions(+), 0 deletions(-)
diff --git a/include/linux/skbuff.h b/include/linux/skbuff.h
index 4974121..fa88b96 100644
--- a/include/linux/skbuff.h
+++ b/include/linux/skbuff.h
@@ -32,6 +32,7 @@
#include <linux/hrtimer.h>
#include <linux/dma-mapping.h>
#include <linux/netdev_features.h>
+#include <net/flow_keys.h>
/* Don't change this without changing skb_csum_unnecessary! */
#define CHECKSUM_NONE 0
@@ -1559,6 +1560,19 @@ static inline void skb_set_transport_header(struct sk_buff *skb,
skb->transport_header += offset;
}
+static inline void skb_probe_transport_header(struct sk_buff *skb,
+ const int offset_hint)
+{
+ struct flow_keys keys;
+
+ if (skb_transport_header_was_set(skb))
+ return;
+ else if (skb_flow_dissect(skb, &keys))
+ skb_set_transport_header(skb, keys.thoff);
+ else
+ skb_set_transport_header(skb, offset_hint);
+}
+
static inline unsigned char *skb_network_header(const struct sk_buff *skb)
{
return skb->head + skb->network_header;
--
1.7.1
^ permalink raw reply related [flat|nested] 9+ messages in thread
* [PATCH net-next 3/3] net: switch to use skb_probe_transport_header()
2013-03-27 9:11 [PATCH net-next 1/3] net: core: let skb_partial_csum_set() set transport header Jason Wang
2013-03-27 9:11 ` [PATCH net-next 2/3] net: core: introduce skb_probe_transport_header() Jason Wang
@ 2013-03-27 9:11 ` Jason Wang
2013-03-27 14:46 ` Eric Dumazet
2013-03-27 14:42 ` [PATCH net-next 1/3] net: core: let skb_partial_csum_set() set transport header Eric Dumazet
2 siblings, 1 reply; 9+ messages in thread
From: Jason Wang @ 2013-03-27 9:11 UTC (permalink / raw)
To: davem, netdev, linux-kernel; +Cc: mst, Jason Wang, Eric Dumazet
Switch to use the new help skb_probe_transport_header() to do the l4 header
probing for untrusted sources. For packets with partial csum, the header should
already been set by skb_partial_csum_set().
Cc: Eric Dumazet <edumazet@google.com>
Signed-off-by: Jason Wang <jasowang@redhat.com>
---
drivers/net/macvtap.c | 9 +--------
drivers/net/tun.c | 10 +---------
drivers/net/xen-netback/netback.c | 10 +---------
net/packet/af_packet.c | 22 +++-------------------
4 files changed, 6 insertions(+), 45 deletions(-)
diff --git a/drivers/net/macvtap.c b/drivers/net/macvtap.c
index acf6450..59e9605 100644
--- a/drivers/net/macvtap.c
+++ b/drivers/net/macvtap.c
@@ -21,7 +21,6 @@
#include <net/rtnetlink.h>
#include <net/sock.h>
#include <linux/virtio_net.h>
-#include <net/flow_keys.h>
/*
* A macvtap queue is the central object of this driver, it connects
@@ -646,7 +645,6 @@ static ssize_t macvtap_get_user(struct macvtap_queue *q, struct msghdr *m,
int vnet_hdr_len = 0;
int copylen = 0;
bool zerocopy = false;
- struct flow_keys keys;
if (q->flags & IFF_VNET_HDR) {
vnet_hdr_len = q->vnet_hdr_sz;
@@ -727,12 +725,7 @@ static ssize_t macvtap_get_user(struct macvtap_queue *q, struct msghdr *m,
goto err_kfree;
}
- if (skb->ip_summed == CHECKSUM_PARTIAL)
- skb_set_transport_header(skb, skb_checksum_start_offset(skb));
- else if (skb_flow_dissect(skb, &keys))
- skb_set_transport_header(skb, keys.thoff);
- else
- skb_set_transport_header(skb, ETH_HLEN);
+ skb_probe_transport_header(skb, ETH_HLEN);
rcu_read_lock_bh();
vlan = rcu_dereference_bh(q->vlan);
diff --git a/drivers/net/tun.c b/drivers/net/tun.c
index 48cd73a..29538e6 100644
--- a/drivers/net/tun.c
+++ b/drivers/net/tun.c
@@ -70,7 +70,6 @@
#include <net/sock.h>
#include <asm/uaccess.h>
-#include <net/flow_keys.h>
/* Uncomment to enable debugging */
/* #define TUN_DEBUG 1 */
@@ -1050,7 +1049,6 @@ static ssize_t tun_get_user(struct tun_struct *tun, struct tun_file *tfile,
bool zerocopy = false;
int err;
u32 rxhash;
- struct flow_keys keys;
if (!(tun->flags & TUN_NO_PI)) {
if ((len -= sizeof(pi)) > total_len)
@@ -1205,13 +1203,7 @@ static ssize_t tun_get_user(struct tun_struct *tun, struct tun_file *tfile,
}
skb_reset_network_header(skb);
-
- if (skb->ip_summed == CHECKSUM_PARTIAL)
- skb_set_transport_header(skb, skb_checksum_start_offset(skb));
- else if (skb_flow_dissect(skb, &keys))
- skb_set_transport_header(skb, keys.thoff);
- else
- skb_reset_transport_header(skb);
+ skb_probe_transport_header(skb, 0);
rxhash = skb_get_rxhash(skb);
netif_rx_ni(skb);
diff --git a/drivers/net/xen-netback/netback.c b/drivers/net/xen-netback/netback.c
index fc8faa7..83905a9 100644
--- a/drivers/net/xen-netback/netback.c
+++ b/drivers/net/xen-netback/netback.c
@@ -39,7 +39,6 @@
#include <linux/udp.h>
#include <net/tcp.h>
-#include <net/flow_keys.h>
#include <xen/xen.h>
#include <xen/events.h>
@@ -1506,14 +1505,7 @@ static void xen_netbk_tx_submit(struct xen_netbk *netbk)
continue;
}
- if (!skb_transport_header_was_set(skb)) {
- struct flow_keys keys;
-
- if (skb_flow_dissect(skb, &keys))
- skb_set_transport_header(skb, keys.thoff);
- else
- skb_reset_transport_header(skb);
- }
+ skb_probe_transport_header(skb, 0);
vif->dev->stats.rx_bytes += skb->len;
vif->dev->stats.rx_packets++;
diff --git a/net/packet/af_packet.c b/net/packet/af_packet.c
index 83fdd0a..8e4644f 100644
--- a/net/packet/af_packet.c
+++ b/net/packet/af_packet.c
@@ -88,7 +88,6 @@
#include <linux/virtio_net.h>
#include <linux/errqueue.h>
#include <linux/net_tstamp.h>
-#include <net/flow_keys.h>
#ifdef CONFIG_INET
#include <net/inet_common.h>
@@ -1413,7 +1412,6 @@ static int packet_sendmsg_spkt(struct kiocb *iocb, struct socket *sock,
__be16 proto = 0;
int err;
int extra_len = 0;
- struct flow_keys keys;
/*
* Get and verify the address.
@@ -1514,10 +1512,7 @@ retry:
if (unlikely(extra_len == 4))
skb->no_fcs = 1;
- if (skb_flow_dissect(skb, &keys))
- skb_set_transport_header(skb, keys.thoff);
- else
- skb_reset_transport_header(skb);
+ skb_probe_transport_header(skb, 0);
dev_queue_xmit(skb);
rcu_read_unlock();
@@ -1925,7 +1920,6 @@ static int tpacket_fill_skb(struct packet_sock *po, struct sk_buff *skb,
struct page *page;
void *data;
int err;
- struct flow_keys keys;
ph.raw = frame;
@@ -1950,11 +1944,7 @@ static int tpacket_fill_skb(struct packet_sock *po, struct sk_buff *skb,
skb_reserve(skb, hlen);
skb_reset_network_header(skb);
-
- if (skb_flow_dissect(skb, &keys))
- skb_set_transport_header(skb, keys.thoff);
- else
- skb_reset_transport_header(skb);
+ skb_probe_transport_header(skb, 0);
if (po->tp_tx_has_off) {
int off_min, off_max, off;
@@ -2212,7 +2202,6 @@ static int packet_snd(struct socket *sock,
unsigned short gso_type = 0;
int hlen, tlen;
int extra_len = 0;
- struct flow_keys keys;
/*
* Get and verify the address.
@@ -2365,12 +2354,7 @@ static int packet_snd(struct socket *sock,
len += vnet_hdr_len;
}
- if (skb->ip_summed == CHECKSUM_PARTIAL)
- skb_set_transport_header(skb, skb_checksum_start_offset(skb));
- else if (skb_flow_dissect(skb, &keys))
- skb_set_transport_header(skb, keys.thoff);
- else
- skb_set_transport_header(skb, reserve);
+ skb_probe_transport_header(skb, reserve);
if (unlikely(extra_len == 4))
skb->no_fcs = 1;
--
1.7.1
^ permalink raw reply related [flat|nested] 9+ messages in thread
* Re: [PATCH net-next 1/3] net: core: let skb_partial_csum_set() set transport header
2013-03-27 9:11 [PATCH net-next 1/3] net: core: let skb_partial_csum_set() set transport header Jason Wang
2013-03-27 9:11 ` [PATCH net-next 2/3] net: core: introduce skb_probe_transport_header() Jason Wang
2013-03-27 9:11 ` [PATCH net-next 3/3] net: switch to use skb_probe_transport_header() Jason Wang
@ 2013-03-27 14:42 ` Eric Dumazet
2013-03-27 17:07 ` David Miller
2 siblings, 1 reply; 9+ messages in thread
From: Eric Dumazet @ 2013-03-27 14:42 UTC (permalink / raw)
To: Jason Wang; +Cc: davem, netdev, linux-kernel, mst, Eric Dumazet
On Wed, 2013-03-27 at 17:11 +0800, Jason Wang wrote:
> For untrusted packets with partial checksum, we need to set the transport header
> for precise packet length estimation. We can just let skb_pratial_csum_set() to
> do this to avoid extra call to skb_flow_dissect() and simplify the caller.
>
> Cc: Eric Dumazet <edumazet@google.com>
> Signed-off-by: Jason Wang <jasowang@redhat.com>
> ---
> net/core/skbuff.c | 1 +
> 1 files changed, 1 insertions(+), 0 deletions(-)
>
> diff --git a/net/core/skbuff.c b/net/core/skbuff.c
> index 31c6737..ba64614 100644
> --- a/net/core/skbuff.c
> +++ b/net/core/skbuff.c
> @@ -3370,6 +3370,7 @@ bool skb_partial_csum_set(struct sk_buff *skb, u16 start, u16 off)
> skb->ip_summed = CHECKSUM_PARTIAL;
> skb->csum_start = skb_headroom(skb) + start;
> skb->csum_offset = off;
> + skb_set_transport_header(skb, start);
> return true;
> }
> EXPORT_SYMBOL_GPL(skb_partial_csum_set);
Acked-by: Eric Dumazet <edumazet@google.com>
^ permalink raw reply [flat|nested] 9+ messages in thread
* Re: [PATCH net-next 2/3] net: core: introduce skb_probe_transport_header()
2013-03-27 9:11 ` [PATCH net-next 2/3] net: core: introduce skb_probe_transport_header() Jason Wang
@ 2013-03-27 14:45 ` Eric Dumazet
2013-03-27 17:07 ` David Miller
0 siblings, 1 reply; 9+ messages in thread
From: Eric Dumazet @ 2013-03-27 14:45 UTC (permalink / raw)
To: Jason Wang; +Cc: davem, netdev, linux-kernel, mst, Eric Dumazet
On Wed, 2013-03-27 at 17:11 +0800, Jason Wang wrote:
> Sometimes, we need probe and set the transport header for packets (e.g from
> untrusted source). This patch introduces a new helper
> skb_probe_transport_header() which tries to probe and set the l4 header through
> skb_flow_dissect(), if not just set the transport header to the hint passed by
> caller.
>
> Cc: Eric Dumazet <edumazet@google.com>
> Signed-off-by: Jason Wang <jasowang@redhat.com>
> ---
> include/linux/skbuff.h | 14 ++++++++++++++
> 1 files changed, 14 insertions(+), 0 deletions(-)
Acked-by: Eric Dumazet <edumazet@google.com>
^ permalink raw reply [flat|nested] 9+ messages in thread
* Re: [PATCH net-next 3/3] net: switch to use skb_probe_transport_header()
2013-03-27 9:11 ` [PATCH net-next 3/3] net: switch to use skb_probe_transport_header() Jason Wang
@ 2013-03-27 14:46 ` Eric Dumazet
2013-03-27 17:07 ` David Miller
0 siblings, 1 reply; 9+ messages in thread
From: Eric Dumazet @ 2013-03-27 14:46 UTC (permalink / raw)
To: Jason Wang; +Cc: davem, netdev, linux-kernel, mst, Eric Dumazet
On Wed, 2013-03-27 at 17:11 +0800, Jason Wang wrote:
> Switch to use the new help skb_probe_transport_header() to do the l4 header
> probing for untrusted sources. For packets with partial csum, the header should
> already been set by skb_partial_csum_set().
>
> Cc: Eric Dumazet <edumazet@google.com>
> Signed-off-by: Jason Wang <jasowang@redhat.com>
> ---
> drivers/net/macvtap.c | 9 +--------
> drivers/net/tun.c | 10 +---------
> drivers/net/xen-netback/netback.c | 10 +---------
> net/packet/af_packet.c | 22 +++-------------------
> 4 files changed, 6 insertions(+), 45 deletions(-)
Acked-by: Eric Dumazet <edumazet@google.com>
^ permalink raw reply [flat|nested] 9+ messages in thread
* Re: [PATCH net-next 1/3] net: core: let skb_partial_csum_set() set transport header
2013-03-27 14:42 ` [PATCH net-next 1/3] net: core: let skb_partial_csum_set() set transport header Eric Dumazet
@ 2013-03-27 17:07 ` David Miller
0 siblings, 0 replies; 9+ messages in thread
From: David Miller @ 2013-03-27 17:07 UTC (permalink / raw)
To: eric.dumazet; +Cc: jasowang, netdev, linux-kernel, mst, edumazet
From: Eric Dumazet <eric.dumazet@gmail.com>
Date: Wed, 27 Mar 2013 07:42:56 -0700
> On Wed, 2013-03-27 at 17:11 +0800, Jason Wang wrote:
>> For untrusted packets with partial checksum, we need to set the transport header
>> for precise packet length estimation. We can just let skb_pratial_csum_set() to
>> do this to avoid extra call to skb_flow_dissect() and simplify the caller.
>>
>> Cc: Eric Dumazet <edumazet@google.com>
>> Signed-off-by: Jason Wang <jasowang@redhat.com>
>> ---
>> net/core/skbuff.c | 1 +
>> 1 files changed, 1 insertions(+), 0 deletions(-)
>>
>> diff --git a/net/core/skbuff.c b/net/core/skbuff.c
>> index 31c6737..ba64614 100644
>> --- a/net/core/skbuff.c
>> +++ b/net/core/skbuff.c
>> @@ -3370,6 +3370,7 @@ bool skb_partial_csum_set(struct sk_buff *skb, u16 start, u16 off)
>> skb->ip_summed = CHECKSUM_PARTIAL;
>> skb->csum_start = skb_headroom(skb) + start;
>> skb->csum_offset = off;
>> + skb_set_transport_header(skb, start);
>> return true;
>> }
>> EXPORT_SYMBOL_GPL(skb_partial_csum_set);
>
> Acked-by: Eric Dumazet <edumazet@google.com>
Applied.
^ permalink raw reply [flat|nested] 9+ messages in thread
* Re: [PATCH net-next 2/3] net: core: introduce skb_probe_transport_header()
2013-03-27 14:45 ` Eric Dumazet
@ 2013-03-27 17:07 ` David Miller
0 siblings, 0 replies; 9+ messages in thread
From: David Miller @ 2013-03-27 17:07 UTC (permalink / raw)
To: eric.dumazet; +Cc: jasowang, netdev, linux-kernel, mst, edumazet
From: Eric Dumazet <eric.dumazet@gmail.com>
Date: Wed, 27 Mar 2013 07:45:50 -0700
> On Wed, 2013-03-27 at 17:11 +0800, Jason Wang wrote:
>> Sometimes, we need probe and set the transport header for packets (e.g from
>> untrusted source). This patch introduces a new helper
>> skb_probe_transport_header() which tries to probe and set the l4 header through
>> skb_flow_dissect(), if not just set the transport header to the hint passed by
>> caller.
>>
>> Cc: Eric Dumazet <edumazet@google.com>
>> Signed-off-by: Jason Wang <jasowang@redhat.com>
>> ---
>> include/linux/skbuff.h | 14 ++++++++++++++
>> 1 files changed, 14 insertions(+), 0 deletions(-)
>
> Acked-by: Eric Dumazet <edumazet@google.com>
Applied.
^ permalink raw reply [flat|nested] 9+ messages in thread
* Re: [PATCH net-next 3/3] net: switch to use skb_probe_transport_header()
2013-03-27 14:46 ` Eric Dumazet
@ 2013-03-27 17:07 ` David Miller
0 siblings, 0 replies; 9+ messages in thread
From: David Miller @ 2013-03-27 17:07 UTC (permalink / raw)
To: eric.dumazet; +Cc: jasowang, netdev, linux-kernel, mst, edumazet
From: Eric Dumazet <eric.dumazet@gmail.com>
Date: Wed, 27 Mar 2013 07:46:42 -0700
> On Wed, 2013-03-27 at 17:11 +0800, Jason Wang wrote:
>> Switch to use the new help skb_probe_transport_header() to do the l4 header
>> probing for untrusted sources. For packets with partial csum, the header should
>> already been set by skb_partial_csum_set().
>>
>> Cc: Eric Dumazet <edumazet@google.com>
>> Signed-off-by: Jason Wang <jasowang@redhat.com>
>> ---
>> drivers/net/macvtap.c | 9 +--------
>> drivers/net/tun.c | 10 +---------
>> drivers/net/xen-netback/netback.c | 10 +---------
>> net/packet/af_packet.c | 22 +++-------------------
>> 4 files changed, 6 insertions(+), 45 deletions(-)
>
> Acked-by: Eric Dumazet <edumazet@google.com>
Applied.
^ permalink raw reply [flat|nested] 9+ messages in thread
end of thread, other threads:[~2013-03-27 17:07 UTC | newest]
Thread overview: 9+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2013-03-27 9:11 [PATCH net-next 1/3] net: core: let skb_partial_csum_set() set transport header Jason Wang
2013-03-27 9:11 ` [PATCH net-next 2/3] net: core: introduce skb_probe_transport_header() Jason Wang
2013-03-27 14:45 ` Eric Dumazet
2013-03-27 17:07 ` David Miller
2013-03-27 9:11 ` [PATCH net-next 3/3] net: switch to use skb_probe_transport_header() Jason Wang
2013-03-27 14:46 ` Eric Dumazet
2013-03-27 17:07 ` David Miller
2013-03-27 14:42 ` [PATCH net-next 1/3] net: core: let skb_partial_csum_set() set transport header Eric Dumazet
2013-03-27 17:07 ` David Miller
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).