Commit 785644d6 authored by Daniel Axtens's avatar Daniel Axtens Committed by Greg Kroah-Hartman

net: create skb_gso_validate_mac_len()

commit 2b16f048 upstream

If you take a GSO skb, and split it into packets, will the MAC
length (L2 + L3 + L4 headers + payload) of those packets be small
enough to fit within a given length?

Move skb_gso_mac_seglen() to skbuff.h with other related functions
like skb_gso_network_seglen() so we can use it, and then create
skb_gso_validate_mac_len to do the full calculation.
Signed-off-by: default avatarDaniel Axtens <dja@axtens.net>
Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
[jwang: cherry pick for CVE-2018-1000026]
Signed-off-by: default avatarJack Wang <jinpu.wang@cloud.ionos.com>
Signed-off-by: default avatarSasha Levin <sashal@kernel.org>
parent dee92bc8
...@@ -3317,6 +3317,7 @@ int skb_shift(struct sk_buff *tgt, struct sk_buff *skb, int shiftlen); ...@@ -3317,6 +3317,7 @@ int skb_shift(struct sk_buff *tgt, struct sk_buff *skb, int shiftlen);
void skb_scrub_packet(struct sk_buff *skb, bool xnet); void skb_scrub_packet(struct sk_buff *skb, bool xnet);
unsigned int skb_gso_transport_seglen(const struct sk_buff *skb); unsigned int skb_gso_transport_seglen(const struct sk_buff *skb);
bool skb_gso_validate_mtu(const struct sk_buff *skb, unsigned int mtu); bool skb_gso_validate_mtu(const struct sk_buff *skb, unsigned int mtu);
bool skb_gso_validate_mac_len(const struct sk_buff *skb, unsigned int len);
struct sk_buff *skb_segment(struct sk_buff *skb, netdev_features_t features); struct sk_buff *skb_segment(struct sk_buff *skb, netdev_features_t features);
struct sk_buff *skb_vlan_untag(struct sk_buff *skb); struct sk_buff *skb_vlan_untag(struct sk_buff *skb);
int skb_ensure_writable(struct sk_buff *skb, int write_len); int skb_ensure_writable(struct sk_buff *skb, int write_len);
...@@ -4087,6 +4088,21 @@ static inline unsigned int skb_gso_network_seglen(const struct sk_buff *skb) ...@@ -4087,6 +4088,21 @@ static inline unsigned int skb_gso_network_seglen(const struct sk_buff *skb)
return hdr_len + skb_gso_transport_seglen(skb); return hdr_len + skb_gso_transport_seglen(skb);
} }
/**
* skb_gso_mac_seglen - Return length of individual segments of a gso packet
*
* @skb: GSO skb
*
* skb_gso_mac_seglen is used to determine the real size of the
* individual segments, including MAC/L2, Layer3 (IP, IPv6) and L4
* headers (TCP/UDP).
*/
static inline unsigned int skb_gso_mac_seglen(const struct sk_buff *skb)
{
unsigned int hdr_len = skb_transport_header(skb) - skb_mac_header(skb);
return hdr_len + skb_gso_transport_seglen(skb);
}
/* Local Checksum Offload. /* Local Checksum Offload.
* Compute outer checksum based on the assumption that the * Compute outer checksum based on the assumption that the
* inner checksum will be offloaded later. * inner checksum will be offloaded later.
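Review bot: The kernel-doc on the now-shared `skb_gso_mac_seglen()` says it returns the real size of the individual segments, but for a GSO_BY_FRAGS skb the value is header sizes plus the GSO_BY_FRAGS marker, as the `skb_gso_size_check()` comment in this same commit states. Now that the helper is visible to every includer of skbuff.h, a caller comparing its result directly against a hardware or MTU limit would get a wrong answer for such skbs. I would add a line to the comment such as `* For GSO_BY_FRAGS skbs this is not a real length; use skb_gso_validate_mac_len() for size checks.` The comment could also state that the MAC and transport header offsets must already be set, because `hdr_len` is computed from `skb_transport_header(skb) - skb_mac_header(skb)` with no check; callers presumably guarantee this, but the header does not say so.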
......
...@@ -4930,37 +4930,74 @@ unsigned int skb_gso_transport_seglen(const struct sk_buff *skb) ...@@ -4930,37 +4930,74 @@ unsigned int skb_gso_transport_seglen(const struct sk_buff *skb)
EXPORT_SYMBOL_GPL(skb_gso_transport_seglen); EXPORT_SYMBOL_GPL(skb_gso_transport_seglen);
/** /**
* skb_gso_validate_mtu - Return in case such skb fits a given MTU * skb_gso_size_check - check the skb size, considering GSO_BY_FRAGS
* *
* @skb: GSO skb * There are a couple of instances where we have a GSO skb, and we
* @mtu: MTU to validate against * want to determine what size it would be after it is segmented.
* *
* skb_gso_validate_mtu validates if a given skb will fit a wanted MTU * We might want to check:
* once split. * - L3+L4+payload size (e.g. IP forwarding)
* - L2+L3+L4+payload size (e.g. sanity check before passing to driver)
*
* This is a helper to do that correctly considering GSO_BY_FRAGS.
*
* @seg_len: The segmented length (from skb_gso_*_seglen). In the
* GSO_BY_FRAGS case this will be [header sizes + GSO_BY_FRAGS].
*
* @max_len: The maximum permissible length.
*
* Returns true if the segmented length <= max length.
*/ */
bool skb_gso_validate_mtu(const struct sk_buff *skb, unsigned int mtu) static inline bool skb_gso_size_check(const struct sk_buff *skb,
{ unsigned int seg_len,
unsigned int max_len) {
const struct skb_shared_info *shinfo = skb_shinfo(skb); const struct skb_shared_info *shinfo = skb_shinfo(skb);
const struct sk_buff *iter; const struct sk_buff *iter;
unsigned int hlen;
hlen = skb_gso_network_seglen(skb);
if (shinfo->gso_size != GSO_BY_FRAGS) if (shinfo->gso_size != GSO_BY_FRAGS)
return hlen <= mtu; return seg_len <= max_len;
/* Undo this so we can re-use header sizes */ /* Undo this so we can re-use header sizes */
hlen -= GSO_BY_FRAGS; seg_len -= GSO_BY_FRAGS;
skb_walk_frags(skb, iter) { skb_walk_frags(skb, iter) {
if (hlen + skb_headlen(iter) > mtu) if (seg_len + skb_headlen(iter) > max_len)
return false; return false;
} }
return true; return true;
} }
/**
* skb_gso_validate_mtu - Return in case such skb fits a given MTU
*
* @skb: GSO skb
* @mtu: MTU to validate against
*
* skb_gso_validate_mtu validates if a given skb will fit a wanted MTU
* once split.
*/
bool skb_gso_validate_mtu(const struct sk_buff *skb, unsigned int mtu)
{
return skb_gso_size_check(skb, skb_gso_network_seglen(skb), mtu);
}
EXPORT_SYMBOL_GPL(skb_gso_validate_mtu); EXPORT_SYMBOL_GPL(skb_gso_validate_mtu);
/**
* skb_gso_validate_mac_len - Will a split GSO skb fit in a given length?
*
* @skb: GSO skb
* @len: length to validate against
*
* skb_gso_validate_mac_len validates if a given skb will fit a wanted
* length once split, including L2, L3 and L4 headers and the payload.
*/
bool skb_gso_validate_mac_len(const struct sk_buff *skb, unsigned int len)
{
return skb_gso_size_check(skb, skb_gso_mac_seglen(skb), len);
}
EXPORT_SYMBOL_GPL(skb_gso_validate_mac_len);
static struct sk_buff *skb_reorder_vlan_header(struct sk_buff *skb) static struct sk_buff *skb_reorder_vlan_header(struct sk_buff *skb)
{ {
int mac_len; int mac_len;
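Review bot: `skb_gso_size_check()` does `seg_len -= GSO_BY_FRAGS` on an unsigned value, so it is only correct when the caller passed a length produced by one of the skb_gso_*_seglen helpers; a smaller value wraps, and the per-frag test `seg_len + skb_headlen(iter) > max_len` then runs on the wrapped number. Both callers in this commit do pass such a value, but the contract lives only in the `@seg_len` text, and the kernel-doc has no `@skb:` entry at all; I would add `* @skb: GSO skb` and state there that `seg_len` must come from a seglen helper. On style, the opening brace sits on the signature line (`unsigned int max_len) {`), whereas the other function definitions in these hunks put it on its own line. Since `skb_gso_validate_mac_len()` is described as a sanity check before passing packets to a driver, its comment should also say that the result is only meaningful for a GSO skb, so that callers test `skb_is_gso()` first.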
......
...@@ -142,16 +142,6 @@ static u64 psched_ns_t2l(const struct psched_ratecfg *r, ...@@ -142,16 +142,6 @@ static u64 psched_ns_t2l(const struct psched_ratecfg *r,
return len; return len;
} }
/*
* Return length of individual segments of a gso packet,
* including all headers (MAC, IP, TCP/UDP)
*/
static unsigned int skb_gso_mac_seglen(const struct sk_buff *skb)
{
unsigned int hdr_len = skb_transport_header(skb) - skb_mac_header(skb);
return hdr_len + skb_gso_transport_seglen(skb);
}
/* GSO packet is too big, segment it so that tbf can transmit /* GSO packet is too big, segment it so that tbf can transmit
* each segment in time * each segment in time
*/ */
......