diff options
| author | Jason Wang <jasowang@redhat.com> | 2013-03-26 23:11:22 +0000 |
|---|---|---|
| committer | David S. Miller <davem@davemloft.net> | 2013-03-27 12:48:31 -0400 |
| commit | 40893fd0fd4e0eda8c6a53db6a8e6013b2d44c16 (patch) | |
| tree | f61f8374d9a77385ef06012256b68633edb27e2c /net/packet/af_packet.c | |
| parent | 5203cd28db6dc05c3618a602cf4cf81203d00257 (diff) | |
| download | linux-40893fd0fd4e0eda8c6a53db6a8e6013b2d44c16.tar.gz | |
net: switch to use skb_probe_transport_header()
Switch to use the new help skb_probe_transport_header() to do the l4 header probing for untrusted sources. For packets with partial csum, the header should already been set by skb_partial_csum_set(). Cc: Eric Dumazet <edumazet@google.com> Signed-off-by: Jason Wang <jasowang@redhat.com> Acked-by: Eric Dumazet <edumazet@google.com> Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'net/packet/af_packet.c')
| -rw-r--r-- | net/packet/af_packet.c | 22 |
1 files changed, 3 insertions, 19 deletions
diff --git a/net/packet/af_packet.c b/net/packet/af_packet.c index 83fdd0a87eb6..8e4644ff8d34 100644 --- a/net/packet/af_packet.c +++ b/net/packet/af_packet.c @@ -88,7 +88,6 @@ #include <linux/virtio_net.h> #include <linux/errqueue.h> #include <linux/net_tstamp.h> -#include <net/flow_keys.h> #ifdef CONFIG_INET #include <net/inet_common.h> @@ -1413,7 +1412,6 @@ static int packet_sendmsg_spkt(struct kiocb *iocb, struct socket *sock, __be16 proto = 0; int err; int extra_len = 0; - struct flow_keys keys; /* * Get and verify the address. @@ -1514,10 +1512,7 @@ retry: if (unlikely(extra_len == 4)) skb->no_fcs = 1; - if (skb_flow_dissect(skb, &keys)) - skb_set_transport_header(skb, keys.thoff); - else - skb_reset_transport_header(skb); + skb_probe_transport_header(skb, 0); dev_queue_xmit(skb); rcu_read_unlock(); @@ -1925,7 +1920,6 @@ static int tpacket_fill_skb(struct packet_sock *po, struct sk_buff *skb, struct page *page; void *data; int err; - struct flow_keys keys; ph.raw = frame; @@ -1950,11 +1944,7 @@ static int tpacket_fill_skb(struct packet_sock *po, struct sk_buff *skb, skb_reserve(skb, hlen); skb_reset_network_header(skb); - - if (skb_flow_dissect(skb, &keys)) - skb_set_transport_header(skb, keys.thoff); - else - skb_reset_transport_header(skb); + skb_probe_transport_header(skb, 0); if (po->tp_tx_has_off) { int off_min, off_max, off; @@ -2212,7 +2202,6 @@ static int packet_snd(struct socket *sock, unsigned short gso_type = 0; int hlen, tlen; int extra_len = 0; - struct flow_keys keys; /* * Get and verify the address. @@ -2365,12 +2354,7 @@ static int packet_snd(struct socket *sock, len += vnet_hdr_len; } - if (skb->ip_summed == CHECKSUM_PARTIAL) - skb_set_transport_header(skb, skb_checksum_start_offset(skb)); - else if (skb_flow_dissect(skb, &keys)) - skb_set_transport_header(skb, keys.thoff); - else - skb_set_transport_header(skb, reserve); + skb_probe_transport_header(skb, reserve); if (unlikely(extra_len == 4)) skb->no_fcs = 1; |