I tried to analyze the cases of using icmp_send in kernel. It indirectly used by many protocols: ARP, IP, UDP, Netfilter, IPVS, IPIP, GRE over IP, CLIP, XFRM, CIPSOv4. Different IP tunnels and XFRM operating directly over IP layer and if using own skb->cb data, having IP header data in front of it. CLIP uses icmp_send for packets from arp queue only. So, If I right, only TCP layer moves IP header data and only CIPSOv4 operates on both IP and TCP layers now.
19.02.2019, 04:25, "David Miller" <da...@davemloft.net>: > From: Nazarov Sergey <s-naza...@yandex.ru> > Date: Mon, 18 Feb 2019 16:39:11 +0300 > >> I think, it would not be a good solution, if I will analyze all >> subsystems using icmp_send, because I do not have enough knowledge >> for this. I propose to add a new function, for example, >> ismp_send_safe, something like that: > > Please don't do this. > > Solve the problem properly by auditing each case, there aren't a lot and > it is not too difficult to see the upcall sites.
