Re: [PATCH] sctp: load transport header after sk_filter

Mon, 18 Jul 2016 04:59:37 -0700 

On Sat, Jul 16, 2016 at 05:33:15PM -0400, Willem de Bruijn wrote:
> From: Willem de Bruijn <will...@google.com>
> 
> Do not cache pointers into the skb linear segment across sk_filter.
> The function call can trigger pskb_expand_head.
> 
> Signed-off-by: Willem de Bruijn <will...@google.com>

Acked-by: Marcelo Ricardo Leitner <marcelo.leit...@gmail.com>

Just note that this change is included in 3acb50c18d8d ("sctp: delay
as much as possible skb_linearize") and accepting this one in net will
cause a conflict when merging them. Thanks

> ---
> 
> No Fixes tag: existed at the start of git log.
> 
> It is probably not necessary to store chunk->sctp_hdr at all, as
> chunk->skb exists. That is harder to verify, so not suitable for net.
> 
> SCTP sk_filter trimming does not work as expected for most packets.
> sctp_inq_pop marks most truncated linear packets as discarded with
> pdiscard = 1. The following crude change would make trimming behave as
> expected on linear data chunks but is probably not safe as is.
> 
> -        if (unlikely(skb_is_nonlinear(chunk->skb))) {
> +        if (1) {
> ---
>  net/sctp/input.c | 5 +----
>  1 file changed, 1 insertion(+), 4 deletions(-)
> 
> diff --git a/net/sctp/input.c b/net/sctp/input.c
> index a701527..47cf460 100644
> --- a/net/sctp/input.c
> +++ b/net/sctp/input.c
> @@ -112,7 +112,6 @@ int sctp_rcv(struct sk_buff *skb)
>       struct sctp_ep_common *rcvr;
>       struct sctp_transport *transport = NULL;
>       struct sctp_chunk *chunk;
> -     struct sctphdr *sh;
>       union sctp_addr src;
>       union sctp_addr dest;
>       int family;
> @@ -127,8 +126,6 @@ int sctp_rcv(struct sk_buff *skb)
>       if (skb_linearize(skb))
>               goto discard_it;
>  
> -     sh = sctp_hdr(skb);
> -
>       /* Pull up the IP and SCTP headers. */
>       __skb_pull(skb, skb_transport_offset(skb));
>       if (skb->len < sizeof(struct sctphdr))
> @@ -230,7 +227,7 @@ int sctp_rcv(struct sk_buff *skb)
>       chunk->rcvr = rcvr;
>  
>       /* Remember the SCTP header. */
> -     chunk->sctp_hdr = sh;
> +     chunk->sctp_hdr = sctp_hdr(skb);
>  
>       /* Set the source and destination addresses of the incoming chunk.  */
>       sctp_init_addrs(chunk, &src, &dest);
> -- 
> 2.8.0.rc3.226.g39d4020
>

Reply via email to