On Tue, 2013-04-02 at 12:56 +0200, frank.blaschka@xxxxxxxxxx wrote:
> plain text document attachment (601-af-iucv-skb-pull.diff)
> From: Hendrik Brueckner <brueckner@xxxxxxxxxxxxxxxxxx>
>
> When receiving data messages, the "BUG_ON(skb->len < skb->data_len)" in
> the skb_pull() function triggers a kernel panic.
>
> Check if the skb uses paged data (is non-linear) and use the pskb_pull()
> function. Use skb_pull() for linear skbs' only.
>
> Reviewed-by: Ursula Braun <ursula.braun@xxxxxxxxxx>
> Signed-off-by: Hendrik Brueckner <brueckner@xxxxxxxxxxxxxxxxxx>
> Signed-off-by: Frank Blaschka <blaschka@xxxxxxxxxxxxxxxxxx>
> ---
> net/iucv/af_iucv.c | 5 ++++-
> 1 file changed, 4 insertions(+), 1 deletion(-)
>
> --- a/net/iucv/af_iucv.c
> +++ b/net/iucv/af_iucv.c
> @@ -1382,7 +1382,10 @@ static int iucv_sock_recvmsg(struct kioc
>
> /* SOCK_STREAM: re-queue skb if it contains unreceived data */
> if (sk->sk_type == SOCK_STREAM) {
> - skb_pull(skb, copied);
> + if (skb_is_nonlinear(skb))
> + pskb_pull(skb, copied);
> + else
> + skb_pull(skb, copied);
> if (skb->len) {
> skb_queue_head(&sk->sk_receive_queue, skb);
> goto done;
That cant be right. You can not ignore pskb_pull() return value.
Its also not very efficient.
I would advise using a per skb offset, to avoid skb_pull()
--
To unsubscribe from this list: send the line "unsubscribe linux-s390" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
