aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorHerbert Xu <herbert@gondor.apana.org.au>2006-06-09 19:13:01 -0400
committerDavid S. Miller <davem@sunset.davemloft.net>2006-06-18 00:30:20 -0400
commitb38dfee3d616ffadb58d4215e3ff9d1d7921031e (patch)
tree55ae104c8522e973291f490c9902580de798ae93
parentc8c9f9a3de2c50c876b1068dd41f9a06c5749f80 (diff)
[NET]: skb_trim audit
I found a few more spots where pskb_trim_rcsum could be used but were not. This patch changes them to use it. Also, sk_filter can get paged skb data. Therefore we must use pskb_trim instead of skb_trim. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> Signed-off-by: David S. Miller <davem@davemloft.net>
-rw-r--r--include/net/sock.h5
-rw-r--r--net/bridge/br_netfilter.c14
-rw-r--r--net/ipv6/netfilter/nf_conntrack_reasm.c10
3 files changed, 7 insertions, 22 deletions
diff --git a/include/net/sock.h b/include/net/sock.h
index 75b0e97ed93d..96565ff0de6a 100644
--- a/include/net/sock.h
+++ b/include/net/sock.h
@@ -873,10 +873,7 @@ static inline int sk_filter(struct sock *sk, struct sk_buff *skb, int needlock)
873 if (filter) { 873 if (filter) {
874 unsigned int pkt_len = sk_run_filter(skb, filter->insns, 874 unsigned int pkt_len = sk_run_filter(skb, filter->insns,
875 filter->len); 875 filter->len);
876 if (!pkt_len) 876 err = pkt_len ? pskb_trim(skb, pkt_len) : -EPERM;
877 err = -EPERM;
878 else
879 skb_trim(skb, pkt_len);
880 } 877 }
881 878
882 if (needlock) 879 if (needlock)
diff --git a/net/bridge/br_netfilter.c b/net/bridge/br_netfilter.c
index 3da9264449f7..3e41f9d6d51c 100644
--- a/net/bridge/br_netfilter.c
+++ b/net/bridge/br_netfilter.c
@@ -407,12 +407,8 @@ static unsigned int br_nf_pre_routing_ipv6(unsigned int hook,
407 if (pkt_len || hdr->nexthdr != NEXTHDR_HOP) { 407 if (pkt_len || hdr->nexthdr != NEXTHDR_HOP) {
408 if (pkt_len + sizeof(struct ipv6hdr) > skb->len) 408 if (pkt_len + sizeof(struct ipv6hdr) > skb->len)
409 goto inhdr_error; 409 goto inhdr_error;
410 if (pkt_len + sizeof(struct ipv6hdr) < skb->len) { 410 if (pskb_trim_rcsum(skb, pkt_len + sizeof(struct ipv6hdr)))
411 if (__pskb_trim(skb, pkt_len + sizeof(struct ipv6hdr))) 411 goto inhdr_error;
412 goto inhdr_error;
413 if (skb->ip_summed == CHECKSUM_HW)
414 skb->ip_summed = CHECKSUM_NONE;
415 }
416 } 412 }
417 if (hdr->nexthdr == NEXTHDR_HOP && check_hbh_len(skb)) 413 if (hdr->nexthdr == NEXTHDR_HOP && check_hbh_len(skb))
418 goto inhdr_error; 414 goto inhdr_error;
@@ -495,11 +491,7 @@ static unsigned int br_nf_pre_routing(unsigned int hook, struct sk_buff **pskb,
495 if (skb->len < len || len < 4 * iph->ihl) 491 if (skb->len < len || len < 4 * iph->ihl)
496 goto inhdr_error; 492 goto inhdr_error;
497 493
498 if (skb->len > len) { 494 pskb_trim_rcsum(skb, len);
499 __pskb_trim(skb, len);
500 if (skb->ip_summed == CHECKSUM_HW)
501 skb->ip_summed = CHECKSUM_NONE;
502 }
503 495
504 nf_bridge_put(skb->nf_bridge); 496 nf_bridge_put(skb->nf_bridge);
505 if (!nf_bridge_alloc(skb)) 497 if (!nf_bridge_alloc(skb))
diff --git a/net/ipv6/netfilter/nf_conntrack_reasm.c b/net/ipv6/netfilter/nf_conntrack_reasm.c
index 3e319035f82d..c32a029e43f0 100644
--- a/net/ipv6/netfilter/nf_conntrack_reasm.c
+++ b/net/ipv6/netfilter/nf_conntrack_reasm.c
@@ -456,13 +456,9 @@ static int nf_ct_frag6_queue(struct nf_ct_frag6_queue *fq, struct sk_buff *skb,
456 DEBUGP("queue: message is too short.\n"); 456 DEBUGP("queue: message is too short.\n");
457 goto err; 457 goto err;
458 } 458 }
459 if (end-offset < skb->len) { 459 if (pskb_trim_rcsum(skb, end - offset)) {
460 if (pskb_trim(skb, end - offset)) { 460 DEBUGP("Can't trim\n");
461 DEBUGP("Can't trim\n"); 461 goto err;
462 goto err;
463 }
464 if (skb->ip_summed != CHECKSUM_UNNECESSARY)
465 skb->ip_summed = CHECKSUM_NONE;
466 } 462 }
467 463
468 /* Find out which fragments are in front and at the back of us 464 /* Find out which fragments are in front and at the back of us