Home Explore Help
Register Sign In
phyus
/
linux-vybrid_public
8
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Browse Source

[DCCP]: Fix skb->cb conflicts with IP

dev_queue_xmit() and the other IP output functions expect to get a skb
with clear or properly initialized skb->cb. Unlike TCP and UDP, the
dccp_skb_cb doesn't contain a struct inet_skb_parm at the beginning,
so the DCCP-specific data is interpreted by the IP output functions.
This can cause false negatives for the conditional POST_ROUTING hook
invocation, making the packet bypass the hook.

Add a inet_skb_parm/inet6_skb_parm union to the beginning of
dccp_skb_cb to avoid clashes. Also add a BUILD_BUG_ON to make
sure it fits in the cb.

[ Combined with patch from Gerrit Renker to remove two now unnecessary
  memsets of IPCB(skb)->opt ]

Signed-off-by: Patrick McHardy <kaber@trash.net>
Acked-by: Arnaldo Carvalho de Melo <acme@redhat.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Patrick McHardy 17 years ago
parent
ae1b6a31b1
commit
028b027524
4 changed files with 9 additions and 2 deletions
Split View Show Diff Stats
  1. 6 0
      net/dccp/dccp.h
  2. 0 1
      net/dccp/ipv4.c
  3. 0 1
      net/dccp/output.c
  4. 3 0
      net/dccp/proto.c

+ 6 - 0
net/dccp/dccp.h
View File 

@@ -325,6 +325,12 @@ static inline int dccp_bad_service_code(const struct sock *sk,
 
  * This is used for transmission as well as for reception.
 
  */
 
 struct dccp_skb_cb {
 
+	union {
 
+		struct inet_skb_parm	h4;
 
+#if defined(CONFIG_IPV6) || defined (CONFIG_IPV6_MODULE)
 
+		struct inet6_skb_parm	h6;
 
+#endif
 
+	} header;
 
 	__u8  dccpd_type:4;
 
 	__u8  dccpd_ccval:4;
 
 	__u8  dccpd_reset_code,

+ 0 - 1
net/dccp/ipv4.c
View File 

@@ -489,7 +489,6 @@ static int dccp_v4_send_response(struct sock *sk, struct request_sock *req,
 
 
 		dh->dccph_checksum = dccp_v4_csum_finish(skb, ireq->loc_addr,
 
 							      ireq->rmt_addr);
 
-		memset(&(IPCB(skb)->opt), 0, sizeof(IPCB(skb)->opt));
 
 		err = ip_build_and_send_pkt(skb, sk, ireq->loc_addr,
 
 					    ireq->rmt_addr,
 
 					    ireq->opt);

+ 0 - 1
net/dccp/output.c
View File 

@@ -126,7 +126,6 @@ static int dccp_transmit_skb(struct sock *sk, struct sk_buff *skb)
 
 
 		DCCP_INC_STATS(DCCP_MIB_OUTSEGS);
 
 
-		memset(&(IPCB(skb)->opt), 0, sizeof(IPCB(skb)->opt));
 
 		err = icsk->icsk_af_ops->queue_xmit(skb, 0);
 
 		return net_xmit_eval(err);
 
 	}

+ 3 - 0
net/dccp/proto.c
View File 

@@ -1057,6 +1057,9 @@ static int __init dccp_init(void)
 
 	int ehash_order, bhash_order, i;
 
 	int rc = -ENOBUFS;
 
 
+	BUILD_BUG_ON(sizeof(struct dccp_skb_cb) >
 
+		     FIELD_SIZEOF(struct sk_buff, cb));
 
+
 
 	dccp_hashinfo.bind_bucket_cachep =
 
 		kmem_cache_create("dccp_bind_bucket",
 
 				  sizeof(struct inet_bind_bucket), 0,