Patch "skbuff: introduce skb_pull_data" has been added to the 5.15-stable tree

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



This is a note to let you know that I've just added the patch titled

    skbuff: introduce skb_pull_data

to the 5.15-stable tree which can be found at:
    http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary

The filename of the patch is:
     skbuff-introduce-skb_pull_data.patch
and it can be found in the queue-5.15 subdirectory.

If you, or anyone else, feels it should not be added to the stable tree,
please let <stable@xxxxxxxxxxxxxxx> know about it.



commit 2d4f94517222d0fa628417ac8333611548ca21fe
Author: Luiz Augusto von Dentz <luiz.von.dentz@xxxxxxxxx>
Date:   Wed Dec 1 10:54:52 2021 -0800

    skbuff: introduce skb_pull_data
    
    [ Upstream commit 13244cccc2b61ec715f0ac583d3037497004d4a5 ]
    
    Like skb_pull but returns the original data pointer before pulling the
    data after performing a check against sbk->len.
    
    This allows to change code that does "struct foo *p = (void *)skb->data;"
    which is hard to audit and error prone, to:
    
            p = skb_pull_data(skb, sizeof(*p));
            if (!p)
                    return;
    
    Which is both safer and cleaner.
    
    Acked-by: Jakub Kicinski <kuba@xxxxxxxxxx>
    Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@xxxxxxxxx>
    Signed-off-by: Dan Carpenter <dan.carpenter@xxxxxxxxxx>
    Signed-off-by: Marcel Holtmann <marcel@xxxxxxxxxxxx>
    Stable-dep-of: cda0d6a198e2 ("Bluetooth: qca: fix info leak when fetching fw build id")
    Signed-off-by: Sasha Levin <sashal@xxxxxxxxxx>

diff --git a/include/linux/skbuff.h b/include/linux/skbuff.h
index 15de91c65a09a..b230c422dc3b9 100644
--- a/include/linux/skbuff.h
+++ b/include/linux/skbuff.h
@@ -2447,6 +2447,8 @@ static inline void *skb_pull_inline(struct sk_buff *skb, unsigned int len)
 	return unlikely(len > skb->len) ? NULL : __skb_pull(skb, len);
 }
 
+void *skb_pull_data(struct sk_buff *skb, size_t len);
+
 void *__pskb_pull_tail(struct sk_buff *skb, int delta);
 
 static inline void *__pskb_pull(struct sk_buff *skb, unsigned int len)
diff --git a/net/core/skbuff.c b/net/core/skbuff.c
index 4ec8cfd357eba..17073429cc365 100644
--- a/net/core/skbuff.c
+++ b/net/core/skbuff.c
@@ -2071,6 +2071,30 @@ void *skb_pull(struct sk_buff *skb, unsigned int len)
 }
 EXPORT_SYMBOL(skb_pull);
 
+/**
+ *	skb_pull_data - remove data from the start of a buffer returning its
+ *	original position.
+ *	@skb: buffer to use
+ *	@len: amount of data to remove
+ *
+ *	This function removes data from the start of a buffer, returning
+ *	the memory to the headroom. A pointer to the original data in the buffer
+ *	is returned after checking if there is enough data to pull. Once the
+ *	data has been pulled future pushes will overwrite the old data.
+ */
+void *skb_pull_data(struct sk_buff *skb, size_t len)
+{
+	void *data = skb->data;
+
+	if (skb->len < len)
+		return NULL;
+
+	skb_pull(skb, len);
+
+	return data;
+}
+EXPORT_SYMBOL(skb_pull_data);
+
 /**
  *	skb_trim - remove end from a buffer
  *	@skb: buffer to alter




[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Index of Archives]     [Linux USB Devel]     [Linux Audio Users]     [Yosemite News]     [Linux Kernel]     [Linux SCSI]

  Powered by Linux