On Sat, Mar 09, 2019 at 10:24:34AM +0100, Florian Westphal wrote: > Xin Long <lucien.xin@xxxxxxxxx> wrote: > > https://marc.info/?l=linux-netdev&m=155109395226858&w=2 > > But from sctp side, Neil preferred sctp_hdr(). > > > > We need to either add skb_set_transport_header() in sctp_s/dnat_handler() > > and sctp_manip_pkt(), or bring that patch back? > > > > Now it seems not good to set skb->transport_header in netfilter code. > > I think its fine, but I wonder why we need to do it. > > Since 21d1196a35f5686c4323e42a62fdb4b23b0ab4a3 ipv4 input path sets > transport header before netfilter. The only problem is that linear > access is illegal without may_pull checks, but in this case the > make_writable call takes care of this already. > Yes, this. It seems to me we should be setting the transport header prior to ever getting into the netfilter code, which does imply that we need the may_pull check to linearize enough of the packet to do so, just like tcp and udp do. > So, why was this patch needed? > If we need it, do we also need to add it in other locations that > deal with sctp csum (e.g. in ipvs?). > This is a fair question, and I'm not yet sure of the answer. > Thanks, > Florian >
