On 2020/07/04 20:33, Toke Høiland-Jørgensen wrote:
Toshiaki Makita <toshiaki.makita1@xxxxxxxxx> writes:
On 2020/07/04 5:26, Toke Høiland-Jørgensen wrote:
...
+/* A getter for the SKB protocol field which will handle VLAN tags consistently
+ * whether VLAN acceleration is enabled or not.
+ */
+static inline __be16 skb_protocol(const struct sk_buff *skb, bool skip_vlan)
+{
+ unsigned int offset = skb_mac_offset(skb) + sizeof(struct ethhdr);
+ __be16 proto = skb->protocol;
+
+ if (!skip_vlan)
+ /* VLAN acceleration strips the VLAN header from the skb and
+ * moves it to skb->vlan_proto
+ */
+ return skb_vlan_tag_present(skb) ? skb->vlan_proto : proto;
+
+ while (eth_type_vlan(proto)) {
+ struct vlan_hdr vhdr, *vh;
+
+ vh = skb_header_pointer(skb, offset, sizeof(vhdr), &vhdr);
+ if (!vh)
+ break;
+
+ proto = vh->h_vlan_encapsulated_proto;
+ offset += sizeof(vhdr);
+ }
Why don't you use __vlan_get_protocol() here? It looks quite similar.
Is there any problem with using that?
TBH, I completely missed that helper. It seems to have side effects,
though (pskb_may_pull()), which is one of the things the original patch
to sch_cake that initiated all of this was trying to avoid.
Sorry for not completely following the discussion...
Pulling data is wrong for cake or other schedulers?
I guess I could just fix that, though, and switch __vlan_get_protocol()
over to using skb_header_pointer(). Will send a follow-up to do that.
Any opinion on whether it's a good idea to limit the max parse depth
while I'm at it (see Daniel's reply)?
The logic was originally introduced by skb_network_protocol() back in v3.10,
and I have never heard of security report about that. But yes, I guess it
potentially can be used for DoS attack.
Toshiaki Makita
