Message ID | 1576885124-14576-2-git-send-email-tom@herbertland.com |
---|---|
State | Superseded |
Delegated to: | David Miller |
Headers | show |
Series | ipv6: Extension header infrastructure | expand |
On Fri, Dec 20, 2019 at 6:39 PM Tom Herbert <tom@herbertland.com> wrote: > > From: Tom Herbert <tom@quantonium.net> > > For destopts, bump IPSTATS_MIB_INHDRERRORS when limit of length > of extension header is exceeded. > > For hop-by-hop options, bump IPSTATS_MIB_INHDRERRORS in same > situations as for when destopts are dropped. > > Signed-off-by: Tom Herbert <tom@herbertland.com> > --- > net/ipv6/exthdrs.c | 7 ++++++- > 1 file changed, 6 insertions(+), 1 deletion(-) > > diff --git a/net/ipv6/exthdrs.c b/net/ipv6/exthdrs.c > index ab5add0..f605e4e 100644 > --- a/net/ipv6/exthdrs.c > +++ b/net/ipv6/exthdrs.c > @@ -288,9 +288,9 @@ static int ipv6_destopt_rcv(struct sk_buff *skb) > if (!pskb_may_pull(skb, skb_transport_offset(skb) + 8) || > !pskb_may_pull(skb, (skb_transport_offset(skb) + > ((skb_transport_header(skb)[1] + 1) << 3)))) { > +fail_and_free: > __IP6_INC_STATS(dev_net(dst->dev), idev, > IPSTATS_MIB_INHDRERRORS); > -fail_and_free: > kfree_skb(skb); > return -1; > } > @@ -820,8 +820,10 @@ static const struct tlvtype_proc tlvprochopopt_lst[] = { > > int ipv6_parse_hopopts(struct sk_buff *skb) > { > + struct inet6_dev *idev = __in6_dev_get(skb->dev); > struct inet6_skb_parm *opt = IP6CB(skb); > struct net *net = dev_net(skb->dev); > + struct dst_entry *dst = skb_dst(skb); > int extlen; > > /* > @@ -834,6 +836,8 @@ int ipv6_parse_hopopts(struct sk_buff *skb) > !pskb_may_pull(skb, (sizeof(struct ipv6hdr) + > ((skb_transport_header(skb)[1] + 1) << 3)))) { > fail_and_free: > + __IP6_INC_STATS(dev_net(dst->dev), idev, > + IPSTATS_MIB_INHDRERRORS); ip6_rcv_core, the only caller of ipv6_parse_hopopts, checks skb_valid_dst(skb) before deref. Does this need the same?
On Sun, Dec 22, 2019 at 8:21 AM Willem de Bruijn <willemdebruijn.kernel@gmail.com> wrote: > > On Fri, Dec 20, 2019 at 6:39 PM Tom Herbert <tom@herbertland.com> wrote: > > > > From: Tom Herbert <tom@quantonium.net> > > > > For destopts, bump IPSTATS_MIB_INHDRERRORS when limit of length > > of extension header is exceeded. > > > > For hop-by-hop options, bump IPSTATS_MIB_INHDRERRORS in same > > situations as for when destopts are dropped. > > > > Signed-off-by: Tom Herbert <tom@herbertland.com> > > --- > > net/ipv6/exthdrs.c | 7 ++++++- > > 1 file changed, 6 insertions(+), 1 deletion(-) > > > > diff --git a/net/ipv6/exthdrs.c b/net/ipv6/exthdrs.c > > index ab5add0..f605e4e 100644 > > --- a/net/ipv6/exthdrs.c > > +++ b/net/ipv6/exthdrs.c > > @@ -288,9 +288,9 @@ static int ipv6_destopt_rcv(struct sk_buff *skb) > > if (!pskb_may_pull(skb, skb_transport_offset(skb) + 8) || > > !pskb_may_pull(skb, (skb_transport_offset(skb) + > > ((skb_transport_header(skb)[1] + 1) << 3)))) { > > +fail_and_free: > > __IP6_INC_STATS(dev_net(dst->dev), idev, > > IPSTATS_MIB_INHDRERRORS); > > -fail_and_free: > > kfree_skb(skb); > > return -1; > > } > > @@ -820,8 +820,10 @@ static const struct tlvtype_proc tlvprochopopt_lst[] = { > > > > int ipv6_parse_hopopts(struct sk_buff *skb) > > { > > + struct inet6_dev *idev = __in6_dev_get(skb->dev); > > struct inet6_skb_parm *opt = IP6CB(skb); > > struct net *net = dev_net(skb->dev); > > + struct dst_entry *dst = skb_dst(skb); > > int extlen; > > > > /* > > @@ -834,6 +836,8 @@ int ipv6_parse_hopopts(struct sk_buff *skb) > > !pskb_may_pull(skb, (sizeof(struct ipv6hdr) + > > ((skb_transport_header(skb)[1] + 1) << 3)))) { > > fail_and_free: > > + __IP6_INC_STATS(dev_net(dst->dev), idev, > > + IPSTATS_MIB_INHDRERRORS); > > ip6_rcv_core, the only caller of ipv6_parse_hopopts, checks > skb_valid_dst(skb) before deref. Does this need the same? Hi Willem, Actually, it looks like ipv6_parse_hopopts is doing things the right way. __IP6_INC_STATS is called from ip6_rcv_core if ipv6_parse_hopopts and the net is always taken from skb->dev (not dst) in HBH path. I'll fix destopts to do the same. Tom
On Mon, Dec 23, 2019 at 11:53 AM Tom Herbert <tom@herbertland.com> wrote: > > On Sun, Dec 22, 2019 at 8:21 AM Willem de Bruijn > <willemdebruijn.kernel@gmail.com> wrote: > > > > On Fri, Dec 20, 2019 at 6:39 PM Tom Herbert <tom@herbertland.com> wrote: > > > > > > From: Tom Herbert <tom@quantonium.net> > > > > > > For destopts, bump IPSTATS_MIB_INHDRERRORS when limit of length > > > of extension header is exceeded. > > > > > > For hop-by-hop options, bump IPSTATS_MIB_INHDRERRORS in same > > > situations as for when destopts are dropped. > > > > > > Signed-off-by: Tom Herbert <tom@herbertland.com> > > > --- > > > net/ipv6/exthdrs.c | 7 ++++++- > > > 1 file changed, 6 insertions(+), 1 deletion(-) > > > > > > diff --git a/net/ipv6/exthdrs.c b/net/ipv6/exthdrs.c > > > index ab5add0..f605e4e 100644 > > > --- a/net/ipv6/exthdrs.c > > > +++ b/net/ipv6/exthdrs.c > > > @@ -288,9 +288,9 @@ static int ipv6_destopt_rcv(struct sk_buff *skb) > > > if (!pskb_may_pull(skb, skb_transport_offset(skb) + 8) || > > > !pskb_may_pull(skb, (skb_transport_offset(skb) + > > > ((skb_transport_header(skb)[1] + 1) << 3)))) { > > > +fail_and_free: > > > __IP6_INC_STATS(dev_net(dst->dev), idev, > > > IPSTATS_MIB_INHDRERRORS); > > > -fail_and_free: > > > kfree_skb(skb); > > > return -1; > > > } > > > @@ -820,8 +820,10 @@ static const struct tlvtype_proc tlvprochopopt_lst[] = { > > > > > > int ipv6_parse_hopopts(struct sk_buff *skb) > > > { > > > + struct inet6_dev *idev = __in6_dev_get(skb->dev); > > > struct inet6_skb_parm *opt = IP6CB(skb); > > > struct net *net = dev_net(skb->dev); > > > + struct dst_entry *dst = skb_dst(skb); > > > int extlen; > > > > > > /* > > > @@ -834,6 +836,8 @@ int ipv6_parse_hopopts(struct sk_buff *skb) > > > !pskb_may_pull(skb, (sizeof(struct ipv6hdr) + > > > ((skb_transport_header(skb)[1] + 1) << 3)))) { > > > fail_and_free: > > > + __IP6_INC_STATS(dev_net(dst->dev), idev, > > > + IPSTATS_MIB_INHDRERRORS); > > > > ip6_rcv_core, the only caller of ipv6_parse_hopopts, checks > > skb_valid_dst(skb) before deref. Does this need the same? > > Hi Willem, > > Actually, it looks like ipv6_parse_hopopts is doing things the right > way. __IP6_INC_STATS is called from ip6_rcv_core if ipv6_parse_hopopts > and the net is always taken from skb->dev (not dst) in HBH path. I'll > fix destopts to do the same. I don't entirely follow. The above code uses dev_net(dst->dev). Using local variable net, derived from dev_net(skb->dev), here definitely sounds good to me, if that's what you meant.
On Mon, Dec 23, 2019 at 10:53 AM Willem de Bruijn <willemdebruijn.kernel@gmail.com> wrote: > > On Mon, Dec 23, 2019 at 11:53 AM Tom Herbert <tom@herbertland.com> wrote: > > > > On Sun, Dec 22, 2019 at 8:21 AM Willem de Bruijn > > <willemdebruijn.kernel@gmail.com> wrote: > > > > > > On Fri, Dec 20, 2019 at 6:39 PM Tom Herbert <tom@herbertland.com> wrote: > > > > > > > > From: Tom Herbert <tom@quantonium.net> > > > > > > > > For destopts, bump IPSTATS_MIB_INHDRERRORS when limit of length > > > > of extension header is exceeded. > > > > > > > > For hop-by-hop options, bump IPSTATS_MIB_INHDRERRORS in same > > > > situations as for when destopts are dropped. > > > > > > > > Signed-off-by: Tom Herbert <tom@herbertland.com> > > > > --- > > > > net/ipv6/exthdrs.c | 7 ++++++- > > > > 1 file changed, 6 insertions(+), 1 deletion(-) > > > > > > > > diff --git a/net/ipv6/exthdrs.c b/net/ipv6/exthdrs.c > > > > index ab5add0..f605e4e 100644 > > > > --- a/net/ipv6/exthdrs.c > > > > +++ b/net/ipv6/exthdrs.c > > > > @@ -288,9 +288,9 @@ static int ipv6_destopt_rcv(struct sk_buff *skb) > > > > if (!pskb_may_pull(skb, skb_transport_offset(skb) + 8) || > > > > !pskb_may_pull(skb, (skb_transport_offset(skb) + > > > > ((skb_transport_header(skb)[1] + 1) << 3)))) { > > > > +fail_and_free: > > > > __IP6_INC_STATS(dev_net(dst->dev), idev, > > > > IPSTATS_MIB_INHDRERRORS); > > > > -fail_and_free: > > > > kfree_skb(skb); > > > > return -1; > > > > } > > > > @@ -820,8 +820,10 @@ static const struct tlvtype_proc tlvprochopopt_lst[] = { > > > > > > > > int ipv6_parse_hopopts(struct sk_buff *skb) > > > > { > > > > + struct inet6_dev *idev = __in6_dev_get(skb->dev); > > > > struct inet6_skb_parm *opt = IP6CB(skb); > > > > struct net *net = dev_net(skb->dev); > > > > + struct dst_entry *dst = skb_dst(skb); > > > > int extlen; > > > > > > > > /* > > > > @@ -834,6 +836,8 @@ int ipv6_parse_hopopts(struct sk_buff *skb) > > > > !pskb_may_pull(skb, (sizeof(struct ipv6hdr) + > > > > ((skb_transport_header(skb)[1] + 1) << 3)))) { > > > > fail_and_free: > > > > + __IP6_INC_STATS(dev_net(dst->dev), idev, > > > > + IPSTATS_MIB_INHDRERRORS); > > > > > > ip6_rcv_core, the only caller of ipv6_parse_hopopts, checks > > > skb_valid_dst(skb) before deref. Does this need the same? > > > > Hi Willem, > > > > Actually, it looks like ipv6_parse_hopopts is doing things the right > > way. __IP6_INC_STATS is called from ip6_rcv_core if ipv6_parse_hopopts > > and the net is always taken from skb->dev (not dst) in HBH path. I'll > > fix destopts to do the same. > > I don't entirely follow. The above code uses dev_net(dst->dev). Using > local variable net, derived from dev_net(skb->dev), here definitely > sounds good to me, if that's what you meant. Yes, I'm thinking to just do dev_net(skb->dev) in all cases of __IP6_INC_STATS for hopopts and destopts. Tom
diff --git a/net/ipv6/exthdrs.c b/net/ipv6/exthdrs.c index ab5add0..f605e4e 100644 --- a/net/ipv6/exthdrs.c +++ b/net/ipv6/exthdrs.c @@ -288,9 +288,9 @@ static int ipv6_destopt_rcv(struct sk_buff *skb) if (!pskb_may_pull(skb, skb_transport_offset(skb) + 8) || !pskb_may_pull(skb, (skb_transport_offset(skb) + ((skb_transport_header(skb)[1] + 1) << 3)))) { +fail_and_free: __IP6_INC_STATS(dev_net(dst->dev), idev, IPSTATS_MIB_INHDRERRORS); -fail_and_free: kfree_skb(skb); return -1; } @@ -820,8 +820,10 @@ static const struct tlvtype_proc tlvprochopopt_lst[] = { int ipv6_parse_hopopts(struct sk_buff *skb) { + struct inet6_dev *idev = __in6_dev_get(skb->dev); struct inet6_skb_parm *opt = IP6CB(skb); struct net *net = dev_net(skb->dev); + struct dst_entry *dst = skb_dst(skb); int extlen; /* @@ -834,6 +836,8 @@ int ipv6_parse_hopopts(struct sk_buff *skb) !pskb_may_pull(skb, (sizeof(struct ipv6hdr) + ((skb_transport_header(skb)[1] + 1) << 3)))) { fail_and_free: + __IP6_INC_STATS(dev_net(dst->dev), idev, + IPSTATS_MIB_INHDRERRORS); kfree_skb(skb); return -1; } @@ -850,6 +854,7 @@ int ipv6_parse_hopopts(struct sk_buff *skb) opt->nhoff = sizeof(struct ipv6hdr); return 1; } + __IP6_INC_STATS(net, idev, IPSTATS_MIB_INHDRERRORS); return -1; }