aboutsummaryrefslogtreecommitdiffstats
path: root/net/packet/af_packet.c
diff options
context:
space:
mode:
authorJason Wang <jasowang@redhat.com>2013-03-26 19:11:22 -0400
committerDavid S. Miller <davem@davemloft.net>2013-03-27 12:48:31 -0400
commit40893fd0fd4e0eda8c6a53db6a8e6013b2d44c16 (patch)
treef61f8374d9a77385ef06012256b68633edb27e2c /net/packet/af_packet.c
parent5203cd28db6dc05c3618a602cf4cf81203d00257 (diff)
net: switch to use skb_probe_transport_header()
Switch to use the new help skb_probe_transport_header() to do the l4 header probing for untrusted sources. For packets with partial csum, the header should already been set by skb_partial_csum_set(). Cc: Eric Dumazet <edumazet@google.com> Signed-off-by: Jason Wang <jasowang@redhat.com> Acked-by: Eric Dumazet <edumazet@google.com> Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'net/packet/af_packet.c')
-rw-r--r--net/packet/af_packet.c22
1 files changed, 3 insertions, 19 deletions
diff --git a/net/packet/af_packet.c b/net/packet/af_packet.c
index 83fdd0a87eb6..8e4644ff8d34 100644
--- a/net/packet/af_packet.c
+++ b/net/packet/af_packet.c
@@ -88,7 +88,6 @@
88#include <linux/virtio_net.h> 88#include <linux/virtio_net.h>
89#include <linux/errqueue.h> 89#include <linux/errqueue.h>
90#include <linux/net_tstamp.h> 90#include <linux/net_tstamp.h>
91#include <net/flow_keys.h>
92 91
93#ifdef CONFIG_INET 92#ifdef CONFIG_INET
94#include <net/inet_common.h> 93#include <net/inet_common.h>
@@ -1413,7 +1412,6 @@ static int packet_sendmsg_spkt(struct kiocb *iocb, struct socket *sock,
1413 __be16 proto = 0; 1412 __be16 proto = 0;
1414 int err; 1413 int err;
1415 int extra_len = 0; 1414 int extra_len = 0;
1416 struct flow_keys keys;
1417 1415
1418 /* 1416 /*
1419 * Get and verify the address. 1417 * Get and verify the address.
@@ -1514,10 +1512,7 @@ retry:
1514 if (unlikely(extra_len == 4)) 1512 if (unlikely(extra_len == 4))
1515 skb->no_fcs = 1; 1513 skb->no_fcs = 1;
1516 1514
1517 if (skb_flow_dissect(skb, &keys)) 1515 skb_probe_transport_header(skb, 0);
1518 skb_set_transport_header(skb, keys.thoff);
1519 else
1520 skb_reset_transport_header(skb);
1521 1516
1522 dev_queue_xmit(skb); 1517 dev_queue_xmit(skb);
1523 rcu_read_unlock(); 1518 rcu_read_unlock();
@@ -1925,7 +1920,6 @@ static int tpacket_fill_skb(struct packet_sock *po, struct sk_buff *skb,
1925 struct page *page; 1920 struct page *page;
1926 void *data; 1921 void *data;
1927 int err; 1922 int err;
1928 struct flow_keys keys;
1929 1923
1930 ph.raw = frame; 1924 ph.raw = frame;
1931 1925
@@ -1950,11 +1944,7 @@ static int tpacket_fill_skb(struct packet_sock *po, struct sk_buff *skb,
1950 1944
1951 skb_reserve(skb, hlen); 1945 skb_reserve(skb, hlen);
1952 skb_reset_network_header(skb); 1946 skb_reset_network_header(skb);
1953 1947 skb_probe_transport_header(skb, 0);
1954 if (skb_flow_dissect(skb, &keys))
1955 skb_set_transport_header(skb, keys.thoff);
1956 else
1957 skb_reset_transport_header(skb);
1958 1948
1959 if (po->tp_tx_has_off) { 1949 if (po->tp_tx_has_off) {
1960 int off_min, off_max, off; 1950 int off_min, off_max, off;
@@ -2212,7 +2202,6 @@ static int packet_snd(struct socket *sock,
2212 unsigned short gso_type = 0; 2202 unsigned short gso_type = 0;
2213 int hlen, tlen; 2203 int hlen, tlen;
2214 int extra_len = 0; 2204 int extra_len = 0;
2215 struct flow_keys keys;
2216 2205
2217 /* 2206 /*
2218 * Get and verify the address. 2207 * Get and verify the address.
@@ -2365,12 +2354,7 @@ static int packet_snd(struct socket *sock,
2365 len += vnet_hdr_len; 2354 len += vnet_hdr_len;
2366 } 2355 }
2367 2356
2368 if (skb->ip_summed == CHECKSUM_PARTIAL) 2357 skb_probe_transport_header(skb, reserve);
2369 skb_set_transport_header(skb, skb_checksum_start_offset(skb));
2370 else if (skb_flow_dissect(skb, &keys))
2371 skb_set_transport_header(skb, keys.thoff);
2372 else
2373 skb_set_transport_header(skb, reserve);
2374 2358
2375 if (unlikely(extra_len == 4)) 2359 if (unlikely(extra_len == 4))
2376 skb->no_fcs = 1; 2360 skb->no_fcs = 1;