* [PATCH net-next 1/3] net: core: let skb_partial_csum_set() set transport header
@ 2013-03-27 9:11 Jason Wang
2013-03-27 9:11 ` [PATCH net-next 2/3] net: core: introduce skb_probe_transport_header() Jason Wang
` (2 more replies)
0 siblings, 3 replies; 9+ messages in thread
From: Jason Wang @ 2013-03-27 9:11 UTC (permalink / raw)
To: davem, netdev, linux-kernel; +Cc: mst, Jason Wang, Eric Dumazet
For untrusted packets with partial checksum, we need to set the transport header
for precise packet length estimation. We can just let skb_pratial_csum_set() to
do this to avoid extra call to skb_flow_dissect() and simplify the caller.
Cc: Eric Dumazet <edumazet@google.com>
Signed-off-by: Jason Wang <jasowang@redhat.com>
---
net/core/skbuff.c | 1 +
1 files changed, 1 insertions(+), 0 deletions(-)
diff --git a/net/core/skbuff.c b/net/core/skbuff.c
index 31c6737..ba64614 100644
--- a/net/core/skbuff.c
+++ b/net/core/skbuff.c
@@ -3370,6 +3370,7 @@ bool skb_partial_csum_set(struct sk_buff *skb, u16 start, u16 off)
skb->ip_summed = CHECKSUM_PARTIAL;
skb->csum_start = skb_headroom(skb) + start;
skb->csum_offset = off;
+ skb_set_transport_header(skb, start);
return true;
}
EXPORT_SYMBOL_GPL(skb_partial_csum_set);
--
1.7.1
^ permalink raw reply related [flat|nested] 9+ messages in thread* [PATCH net-next 2/3] net: core: introduce skb_probe_transport_header() 2013-03-27 9:11 [PATCH net-next 1/3] net: core: let skb_partial_csum_set() set transport header Jason Wang @ 2013-03-27 9:11 ` Jason Wang 2013-03-27 14:45 ` Eric Dumazet 2013-03-27 9:11 ` [PATCH net-next 3/3] net: switch to use skb_probe_transport_header() Jason Wang 2013-03-27 14:42 ` [PATCH net-next 1/3] net: core: let skb_partial_csum_set() set transport header Eric Dumazet 2 siblings, 1 reply; 9+ messages in thread From: Jason Wang @ 2013-03-27 9:11 UTC (permalink / raw) To: davem, netdev, linux-kernel; +Cc: mst, Jason Wang, Eric Dumazet Sometimes, we need probe and set the transport header for packets (e.g from untrusted source). This patch introduces a new helper skb_probe_transport_header() which tries to probe and set the l4 header through skb_flow_dissect(), if not just set the transport header to the hint passed by caller. Cc: Eric Dumazet <edumazet@google.com> Signed-off-by: Jason Wang <jasowang@redhat.com> --- include/linux/skbuff.h | 14 ++++++++++++++ 1 files changed, 14 insertions(+), 0 deletions(-) diff --git a/include/linux/skbuff.h b/include/linux/skbuff.h index 4974121..fa88b96 100644 --- a/include/linux/skbuff.h +++ b/include/linux/skbuff.h @@ -32,6 +32,7 @@ #include <linux/hrtimer.h> #include <linux/dma-mapping.h> #include <linux/netdev_features.h> +#include <net/flow_keys.h> /* Don't change this without changing skb_csum_unnecessary! */ #define CHECKSUM_NONE 0 @@ -1559,6 +1560,19 @@ static inline void skb_set_transport_header(struct sk_buff *skb, skb->transport_header += offset; } +static inline void skb_probe_transport_header(struct sk_buff *skb, + const int offset_hint) +{ + struct flow_keys keys; + + if (skb_transport_header_was_set(skb)) + return; + else if (skb_flow_dissect(skb, &keys)) + skb_set_transport_header(skb, keys.thoff); + else + skb_set_transport_header(skb, offset_hint); +} + static inline unsigned char *skb_network_header(const struct sk_buff *skb) { return skb->head + skb->network_header; -- 1.7.1 ^ permalink raw reply related [flat|nested] 9+ messages in thread
* Re: [PATCH net-next 2/3] net: core: introduce skb_probe_transport_header() 2013-03-27 9:11 ` [PATCH net-next 2/3] net: core: introduce skb_probe_transport_header() Jason Wang @ 2013-03-27 14:45 ` Eric Dumazet 2013-03-27 17:07 ` David Miller 0 siblings, 1 reply; 9+ messages in thread From: Eric Dumazet @ 2013-03-27 14:45 UTC (permalink / raw) To: Jason Wang; +Cc: davem, netdev, linux-kernel, mst, Eric Dumazet On Wed, 2013-03-27 at 17:11 +0800, Jason Wang wrote: > Sometimes, we need probe and set the transport header for packets (e.g from > untrusted source). This patch introduces a new helper > skb_probe_transport_header() which tries to probe and set the l4 header through > skb_flow_dissect(), if not just set the transport header to the hint passed by > caller. > > Cc: Eric Dumazet <edumazet@google.com> > Signed-off-by: Jason Wang <jasowang@redhat.com> > --- > include/linux/skbuff.h | 14 ++++++++++++++ > 1 files changed, 14 insertions(+), 0 deletions(-) Acked-by: Eric Dumazet <edumazet@google.com> ^ permalink raw reply [flat|nested] 9+ messages in thread
* Re: [PATCH net-next 2/3] net: core: introduce skb_probe_transport_header() 2013-03-27 14:45 ` Eric Dumazet @ 2013-03-27 17:07 ` David Miller 0 siblings, 0 replies; 9+ messages in thread From: David Miller @ 2013-03-27 17:07 UTC (permalink / raw) To: eric.dumazet; +Cc: jasowang, netdev, linux-kernel, mst, edumazet From: Eric Dumazet <eric.dumazet@gmail.com> Date: Wed, 27 Mar 2013 07:45:50 -0700 > On Wed, 2013-03-27 at 17:11 +0800, Jason Wang wrote: >> Sometimes, we need probe and set the transport header for packets (e.g from >> untrusted source). This patch introduces a new helper >> skb_probe_transport_header() which tries to probe and set the l4 header through >> skb_flow_dissect(), if not just set the transport header to the hint passed by >> caller. >> >> Cc: Eric Dumazet <edumazet@google.com> >> Signed-off-by: Jason Wang <jasowang@redhat.com> >> --- >> include/linux/skbuff.h | 14 ++++++++++++++ >> 1 files changed, 14 insertions(+), 0 deletions(-) > > Acked-by: Eric Dumazet <edumazet@google.com> Applied. ^ permalink raw reply [flat|nested] 9+ messages in thread
* [PATCH net-next 3/3] net: switch to use skb_probe_transport_header() 2013-03-27 9:11 [PATCH net-next 1/3] net: core: let skb_partial_csum_set() set transport header Jason Wang 2013-03-27 9:11 ` [PATCH net-next 2/3] net: core: introduce skb_probe_transport_header() Jason Wang @ 2013-03-27 9:11 ` Jason Wang 2013-03-27 14:46 ` Eric Dumazet 2013-03-27 14:42 ` [PATCH net-next 1/3] net: core: let skb_partial_csum_set() set transport header Eric Dumazet 2 siblings, 1 reply; 9+ messages in thread From: Jason Wang @ 2013-03-27 9:11 UTC (permalink / raw) To: davem, netdev, linux-kernel; +Cc: mst, Jason Wang, Eric Dumazet Switch to use the new help skb_probe_transport_header() to do the l4 header probing for untrusted sources. For packets with partial csum, the header should already been set by skb_partial_csum_set(). Cc: Eric Dumazet <edumazet@google.com> Signed-off-by: Jason Wang <jasowang@redhat.com> --- drivers/net/macvtap.c | 9 +-------- drivers/net/tun.c | 10 +--------- drivers/net/xen-netback/netback.c | 10 +--------- net/packet/af_packet.c | 22 +++------------------- 4 files changed, 6 insertions(+), 45 deletions(-) diff --git a/drivers/net/macvtap.c b/drivers/net/macvtap.c index acf6450..59e9605 100644 --- a/drivers/net/macvtap.c +++ b/drivers/net/macvtap.c @@ -21,7 +21,6 @@ #include <net/rtnetlink.h> #include <net/sock.h> #include <linux/virtio_net.h> -#include <net/flow_keys.h> /* * A macvtap queue is the central object of this driver, it connects @@ -646,7 +645,6 @@ static ssize_t macvtap_get_user(struct macvtap_queue *q, struct msghdr *m, int vnet_hdr_len = 0; int copylen = 0; bool zerocopy = false; - struct flow_keys keys; if (q->flags & IFF_VNET_HDR) { vnet_hdr_len = q->vnet_hdr_sz; @@ -727,12 +725,7 @@ static ssize_t macvtap_get_user(struct macvtap_queue *q, struct msghdr *m, goto err_kfree; } - if (skb->ip_summed == CHECKSUM_PARTIAL) - skb_set_transport_header(skb, skb_checksum_start_offset(skb)); - else if (skb_flow_dissect(skb, &keys)) - skb_set_transport_header(skb, keys.thoff); - else - skb_set_transport_header(skb, ETH_HLEN); + skb_probe_transport_header(skb, ETH_HLEN); rcu_read_lock_bh(); vlan = rcu_dereference_bh(q->vlan); diff --git a/drivers/net/tun.c b/drivers/net/tun.c index 48cd73a..29538e6 100644 --- a/drivers/net/tun.c +++ b/drivers/net/tun.c @@ -70,7 +70,6 @@ #include <net/sock.h> #include <asm/uaccess.h> -#include <net/flow_keys.h> /* Uncomment to enable debugging */ /* #define TUN_DEBUG 1 */ @@ -1050,7 +1049,6 @@ static ssize_t tun_get_user(struct tun_struct *tun, struct tun_file *tfile, bool zerocopy = false; int err; u32 rxhash; - struct flow_keys keys; if (!(tun->flags & TUN_NO_PI)) { if ((len -= sizeof(pi)) > total_len) @@ -1205,13 +1203,7 @@ static ssize_t tun_get_user(struct tun_struct *tun, struct tun_file *tfile, } skb_reset_network_header(skb); - - if (skb->ip_summed == CHECKSUM_PARTIAL) - skb_set_transport_header(skb, skb_checksum_start_offset(skb)); - else if (skb_flow_dissect(skb, &keys)) - skb_set_transport_header(skb, keys.thoff); - else - skb_reset_transport_header(skb); + skb_probe_transport_header(skb, 0); rxhash = skb_get_rxhash(skb); netif_rx_ni(skb); diff --git a/drivers/net/xen-netback/netback.c b/drivers/net/xen-netback/netback.c index fc8faa7..83905a9 100644 --- a/drivers/net/xen-netback/netback.c +++ b/drivers/net/xen-netback/netback.c @@ -39,7 +39,6 @@ #include <linux/udp.h> #include <net/tcp.h> -#include <net/flow_keys.h> #include <xen/xen.h> #include <xen/events.h> @@ -1506,14 +1505,7 @@ static void xen_netbk_tx_submit(struct xen_netbk *netbk) continue; } - if (!skb_transport_header_was_set(skb)) { - struct flow_keys keys; - - if (skb_flow_dissect(skb, &keys)) - skb_set_transport_header(skb, keys.thoff); - else - skb_reset_transport_header(skb); - } + skb_probe_transport_header(skb, 0); vif->dev->stats.rx_bytes += skb->len; vif->dev->stats.rx_packets++; diff --git a/net/packet/af_packet.c b/net/packet/af_packet.c index 83fdd0a..8e4644f 100644 --- a/net/packet/af_packet.c +++ b/net/packet/af_packet.c @@ -88,7 +88,6 @@ #include <linux/virtio_net.h> #include <linux/errqueue.h> #include <linux/net_tstamp.h> -#include <net/flow_keys.h> #ifdef CONFIG_INET #include <net/inet_common.h> @@ -1413,7 +1412,6 @@ static int packet_sendmsg_spkt(struct kiocb *iocb, struct socket *sock, __be16 proto = 0; int err; int extra_len = 0; - struct flow_keys keys; /* * Get and verify the address. @@ -1514,10 +1512,7 @@ retry: if (unlikely(extra_len == 4)) skb->no_fcs = 1; - if (skb_flow_dissect(skb, &keys)) - skb_set_transport_header(skb, keys.thoff); - else - skb_reset_transport_header(skb); + skb_probe_transport_header(skb, 0); dev_queue_xmit(skb); rcu_read_unlock(); @@ -1925,7 +1920,6 @@ static int tpacket_fill_skb(struct packet_sock *po, struct sk_buff *skb, struct page *page; void *data; int err; - struct flow_keys keys; ph.raw = frame; @@ -1950,11 +1944,7 @@ static int tpacket_fill_skb(struct packet_sock *po, struct sk_buff *skb, skb_reserve(skb, hlen); skb_reset_network_header(skb); - - if (skb_flow_dissect(skb, &keys)) - skb_set_transport_header(skb, keys.thoff); - else - skb_reset_transport_header(skb); + skb_probe_transport_header(skb, 0); if (po->tp_tx_has_off) { int off_min, off_max, off; @@ -2212,7 +2202,6 @@ static int packet_snd(struct socket *sock, unsigned short gso_type = 0; int hlen, tlen; int extra_len = 0; - struct flow_keys keys; /* * Get and verify the address. @@ -2365,12 +2354,7 @@ static int packet_snd(struct socket *sock, len += vnet_hdr_len; } - if (skb->ip_summed == CHECKSUM_PARTIAL) - skb_set_transport_header(skb, skb_checksum_start_offset(skb)); - else if (skb_flow_dissect(skb, &keys)) - skb_set_transport_header(skb, keys.thoff); - else - skb_set_transport_header(skb, reserve); + skb_probe_transport_header(skb, reserve); if (unlikely(extra_len == 4)) skb->no_fcs = 1; -- 1.7.1 ^ permalink raw reply related [flat|nested] 9+ messages in thread
* Re: [PATCH net-next 3/3] net: switch to use skb_probe_transport_header() 2013-03-27 9:11 ` [PATCH net-next 3/3] net: switch to use skb_probe_transport_header() Jason Wang @ 2013-03-27 14:46 ` Eric Dumazet 2013-03-27 17:07 ` David Miller 0 siblings, 1 reply; 9+ messages in thread From: Eric Dumazet @ 2013-03-27 14:46 UTC (permalink / raw) To: Jason Wang; +Cc: davem, netdev, linux-kernel, mst, Eric Dumazet On Wed, 2013-03-27 at 17:11 +0800, Jason Wang wrote: > Switch to use the new help skb_probe_transport_header() to do the l4 header > probing for untrusted sources. For packets with partial csum, the header should > already been set by skb_partial_csum_set(). > > Cc: Eric Dumazet <edumazet@google.com> > Signed-off-by: Jason Wang <jasowang@redhat.com> > --- > drivers/net/macvtap.c | 9 +-------- > drivers/net/tun.c | 10 +--------- > drivers/net/xen-netback/netback.c | 10 +--------- > net/packet/af_packet.c | 22 +++------------------- > 4 files changed, 6 insertions(+), 45 deletions(-) Acked-by: Eric Dumazet <edumazet@google.com> ^ permalink raw reply [flat|nested] 9+ messages in thread
* Re: [PATCH net-next 3/3] net: switch to use skb_probe_transport_header() 2013-03-27 14:46 ` Eric Dumazet @ 2013-03-27 17:07 ` David Miller 0 siblings, 0 replies; 9+ messages in thread From: David Miller @ 2013-03-27 17:07 UTC (permalink / raw) To: eric.dumazet; +Cc: jasowang, netdev, linux-kernel, mst, edumazet From: Eric Dumazet <eric.dumazet@gmail.com> Date: Wed, 27 Mar 2013 07:46:42 -0700 > On Wed, 2013-03-27 at 17:11 +0800, Jason Wang wrote: >> Switch to use the new help skb_probe_transport_header() to do the l4 header >> probing for untrusted sources. For packets with partial csum, the header should >> already been set by skb_partial_csum_set(). >> >> Cc: Eric Dumazet <edumazet@google.com> >> Signed-off-by: Jason Wang <jasowang@redhat.com> >> --- >> drivers/net/macvtap.c | 9 +-------- >> drivers/net/tun.c | 10 +--------- >> drivers/net/xen-netback/netback.c | 10 +--------- >> net/packet/af_packet.c | 22 +++------------------- >> 4 files changed, 6 insertions(+), 45 deletions(-) > > Acked-by: Eric Dumazet <edumazet@google.com> Applied. ^ permalink raw reply [flat|nested] 9+ messages in thread
* Re: [PATCH net-next 1/3] net: core: let skb_partial_csum_set() set transport header 2013-03-27 9:11 [PATCH net-next 1/3] net: core: let skb_partial_csum_set() set transport header Jason Wang 2013-03-27 9:11 ` [PATCH net-next 2/3] net: core: introduce skb_probe_transport_header() Jason Wang 2013-03-27 9:11 ` [PATCH net-next 3/3] net: switch to use skb_probe_transport_header() Jason Wang @ 2013-03-27 14:42 ` Eric Dumazet 2013-03-27 17:07 ` David Miller 2 siblings, 1 reply; 9+ messages in thread From: Eric Dumazet @ 2013-03-27 14:42 UTC (permalink / raw) To: Jason Wang; +Cc: davem, netdev, linux-kernel, mst, Eric Dumazet On Wed, 2013-03-27 at 17:11 +0800, Jason Wang wrote: > For untrusted packets with partial checksum, we need to set the transport header > for precise packet length estimation. We can just let skb_pratial_csum_set() to > do this to avoid extra call to skb_flow_dissect() and simplify the caller. > > Cc: Eric Dumazet <edumazet@google.com> > Signed-off-by: Jason Wang <jasowang@redhat.com> > --- > net/core/skbuff.c | 1 + > 1 files changed, 1 insertions(+), 0 deletions(-) > > diff --git a/net/core/skbuff.c b/net/core/skbuff.c > index 31c6737..ba64614 100644 > --- a/net/core/skbuff.c > +++ b/net/core/skbuff.c > @@ -3370,6 +3370,7 @@ bool skb_partial_csum_set(struct sk_buff *skb, u16 start, u16 off) > skb->ip_summed = CHECKSUM_PARTIAL; > skb->csum_start = skb_headroom(skb) + start; > skb->csum_offset = off; > + skb_set_transport_header(skb, start); > return true; > } > EXPORT_SYMBOL_GPL(skb_partial_csum_set); Acked-by: Eric Dumazet <edumazet@google.com> ^ permalink raw reply [flat|nested] 9+ messages in thread
* Re: [PATCH net-next 1/3] net: core: let skb_partial_csum_set() set transport header 2013-03-27 14:42 ` [PATCH net-next 1/3] net: core: let skb_partial_csum_set() set transport header Eric Dumazet @ 2013-03-27 17:07 ` David Miller 0 siblings, 0 replies; 9+ messages in thread From: David Miller @ 2013-03-27 17:07 UTC (permalink / raw) To: eric.dumazet; +Cc: jasowang, netdev, linux-kernel, mst, edumazet From: Eric Dumazet <eric.dumazet@gmail.com> Date: Wed, 27 Mar 2013 07:42:56 -0700 > On Wed, 2013-03-27 at 17:11 +0800, Jason Wang wrote: >> For untrusted packets with partial checksum, we need to set the transport header >> for precise packet length estimation. We can just let skb_pratial_csum_set() to >> do this to avoid extra call to skb_flow_dissect() and simplify the caller. >> >> Cc: Eric Dumazet <edumazet@google.com> >> Signed-off-by: Jason Wang <jasowang@redhat.com> >> --- >> net/core/skbuff.c | 1 + >> 1 files changed, 1 insertions(+), 0 deletions(-) >> >> diff --git a/net/core/skbuff.c b/net/core/skbuff.c >> index 31c6737..ba64614 100644 >> --- a/net/core/skbuff.c >> +++ b/net/core/skbuff.c >> @@ -3370,6 +3370,7 @@ bool skb_partial_csum_set(struct sk_buff *skb, u16 start, u16 off) >> skb->ip_summed = CHECKSUM_PARTIAL; >> skb->csum_start = skb_headroom(skb) + start; >> skb->csum_offset = off; >> + skb_set_transport_header(skb, start); >> return true; >> } >> EXPORT_SYMBOL_GPL(skb_partial_csum_set); > > Acked-by: Eric Dumazet <edumazet@google.com> Applied. ^ permalink raw reply [flat|nested] 9+ messages in thread
end of thread, other threads:[~2013-03-27 17:07 UTC | newest] Thread overview: 9+ messages (download: mbox.gz / follow: Atom feed) -- links below jump to the message on this page -- 2013-03-27 9:11 [PATCH net-next 1/3] net: core: let skb_partial_csum_set() set transport header Jason Wang 2013-03-27 9:11 ` [PATCH net-next 2/3] net: core: introduce skb_probe_transport_header() Jason Wang 2013-03-27 14:45 ` Eric Dumazet 2013-03-27 17:07 ` David Miller 2013-03-27 9:11 ` [PATCH net-next 3/3] net: switch to use skb_probe_transport_header() Jason Wang 2013-03-27 14:46 ` Eric Dumazet 2013-03-27 17:07 ` David Miller 2013-03-27 14:42 ` [PATCH net-next 1/3] net: core: let skb_partial_csum_set() set transport header Eric Dumazet 2013-03-27 17:07 ` David Miller
This is a public inbox, see mirroring instructions for how to clone and mirror all data and code used for this inbox; as well as URLs for NNTP newsgroup(s).