On Thu, May 01, 2008 at 03:49:50AM -0700, David Miller wrote: > > Once that is cured, I think we can detect this better, by adding a > carefully constructed assertion to pskb_expand_head(). Basically, the > idea is, if "nhead" or "ntail" are non-zero, and there is a socket > still attached to the SKB, print a warning message. > > Something like: > > diff --git a/net/core/skbuff.c b/net/core/skbuff.c > index 4fe605f..9bfca08 100644 > --- a/net/core/skbuff.c > +++ b/net/core/skbuff.c > @@ -699,6 +699,12 @@ int pskb_expand_head(struct sk_buff *skb, int nhead, int ntail, > if (skb_shared(skb)) > BUG(); > > + if (unlikely((nhead || ntail) && skb->sk)) { > + printk(KERN_ERR "SKB BUG: Illegal pskb expand (%d:%d) " > + "with socket attached\n", > + nhead, ntail); > + } This could actually work :) I was worried about tunnelling doing a genuine expansion on such a packet but it turns that it does a skb_clone first. So perhaps we should just require that if a packet is to be expanded while attached to a socket then it must be cloned first. Cheers, -- Visit Openswan at http://www.openswan.org/ Email: Herbert Xu ~{PmV>HI~} <herbert@xxxxxxxxxxxxxxxxxxx> Home Page: http://gondor.apana.org.au/~herbert/ PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt -- To unsubscribe from this list: send the line "unsubscribe linux-wireless" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html