Hi,
On Wednesday, July 22, 2009 19:01:14 Michael Blizek wrote:
> Hi!
>
> On 17:11 Wed 22 Jul , Loránd Jakab wrote:
> > On Wednesday, July 22, 2009 08:15:12 Michael Blizek wrote:
> > > Hi!
> > >
> > > On 18:28 Tue 21 Jul , Loránd Jakab wrote:
> > > > Hello,
> > > >
> > > > I am working on implementing an experimental network protocol.
> > > > I have netfilter hook which changes the payload after the IP
> > > > header and the destination IP in packets with a certain
> > > > protocol id. This part works.
> > > >
> > > > For some packets, I need to generate an extra packet. To do
> > > > this, I copy the sk_buff, modify stuff on the copy and try
> > > > sending it with dev_queue_xmit(), then modify the original and
> > > > return NF_ACCEPT. The result is: the original get through (the
> > > > one with NF_ACCEPT) but the copy doesn't.
> > > >
> > > > Here's the code for copying and sending the copy:
> > > >
> > > > static void send_payload(struct sk_buff *skb, struct in_addr
> > > > rloc)
> > >
> > > Where do you call this function? Immediately before the ip stack
> > > calls dev_queue_xmit? If not, the ip stack might not have
> > > finished building the packet.
> > >
> > > -Michi
> >
> > Hi,
> >
> > This function is called from an ipfilter hook, which is registered
> > at IP_PRE_ROUTING. I replace some data, but I don't do the routing
> > so the correct MAC header is not created. After discovering this, I
> > tried three approaches:
> >
> > * Calling ip_route_input and then dev_queue_xmit() - same as
> > before, I get the IP header in place of the MAC header
> > * Calling ip_queue_xmit() - which does routing as well, I checked
> > the implementation - I get a kernel panic
> > * Futile, but just in case, ip_route_input() and ip_queue_xmit() -
> > kernel panic
>
> Do you get something like this?
> void skb_under_panic(struct sk_buff *skb, int sz, void *here)
> {
> printk(KERN_EMERG "skb_under_panic: text:%p len:%d put:%d
> head:%p " "data:%p tail:%#lx end:%#lx dev:%s\n", here, skb->len, sz,
> skb->head, skb->data,
> (unsigned long)skb->tail, (unsigned long)skb->end,
> skb->dev ? skb->dev->name : "<NULL>");
> BUG();
> }
>
> > It seems that ip_queue_xmit should be what I need, I don't know why
> > it crashes...
>
> If the above text is the reason, it may be triggered by this line in
> ip_queue_xmit:
>
> skb_push(skb, sizeof(struct iphdr) + (opt ? opt->optlen : 0));
>
> Which basically means that it assumes that there is no ip header so
> far and this function wants to add it at the beginning of the buffer.
> However, there is no headroom and so it crashes. You can try this
> immediately before calling ip_queue_xmit(I know it is ugly, maybe
> someboby knows a better way?):
>
> skb_push(skb, (int)(skb_transport_header(skb) - skb->head));
>
> -Michi
I don't get a panic formatted like that, I get a stack trace with the
last two lines like this:
EIP: [<c02e0924>] ip_queue_xmit+0x14/0x430 SS:ESP 0068:c0439d18
Kernel panic - not syncing: Fatal exception in interrupt
Any hints?
Thanks,
Lori
--
To unsubscribe from this list: send an email with
"unsubscribe kernelnewbies" to ecartis@xxxxxxxxxxxx
Please read the FAQ at http://kernelnewbies.org/FAQ
