diff mbox series

[net-next] net: no longer reset transport_header in __netif_receive_skb_core()

Message ID 20250107144342.499759-1-edumazet@google.com (mailing list archive)
State New
Delegated to: Netdev Maintainers
Headers show
Series [net-next] net: no longer reset transport_header in __netif_receive_skb_core() | expand

Checks

Context Check Description
netdev/series_format success Single patches do not need cover letters
netdev/tree_selection success Clearly marked for net-next
netdev/ynl success Generated files up to date; no warnings/errors; no diff in generated;
netdev/fixes_present success Fixes tag not required for -next series
netdev/header_inline success No static functions without inline keyword in header files
netdev/build_32bit success Errors and warnings before: 1 this patch: 1
netdev/build_tools success No tools touched, skip
netdev/cc_maintainers success CCed 5 of 5 maintainers
netdev/build_clang success Errors and warnings before: 3 this patch: 3
netdev/verify_signedoff success Signed-off-by tag matches author and committer
netdev/deprecated_api success None detected
netdev/check_selftest success No net selftest shell script
netdev/verify_fixes success No Fixes tag
netdev/build_allmodconfig_warn success Errors and warnings before: 6 this patch: 6
netdev/checkpatch success total: 0 errors, 0 warnings, 0 checks, 14 lines checked
netdev/build_clang_rust success No Rust files in patch. Skipping build
netdev/kdoc success Errors and warnings before: 79 this patch: 79
netdev/source_inline success Was 0 now: 0
netdev/contest success net-next-2025-01-07--18-00 (tests: 883)

Commit Message

Eric Dumazet Jan. 7, 2025, 2:43 p.m. UTC 
In commit 66e4c8d95008 ("net: warn if transport header was not set")
I added a debug check in skb_transport_header() to detect
if a caller expects the transport_header to be set to a meaningful
value by a prior code path.

Unfortunately, __netif_receive_skb_core() resets the transport header
to the same value than the network header, defeating this check
in receive paths.

Pretending the transport and network headers are the same
is usually wrong.

This patch removes this reset for CONFIG_DEBUG_NET=y builds
to let fuzzers and CI find bugs.

Signed-off-by: Eric Dumazet <edumazet@google.com>
---
 net/core/dev.c | 6 ++++++
 1 file changed, 6 insertions(+)

Comments

Simon Horman Jan. 8, 2025, 9:43 a.m. UTC | #1 
On Tue, Jan 07, 2025 at 02:43:42PM +0000, Eric Dumazet wrote:
> In commit 66e4c8d95008 ("net: warn if transport header was not set")
> I added a debug check in skb_transport_header() to detect
> if a caller expects the transport_header to be set to a meaningful
> value by a prior code path.
> 
> Unfortunately, __netif_receive_skb_core() resets the transport header
> to the same value than the network header, defeating this check
> in receive paths.
> 
> Pretending the transport and network headers are the same
> is usually wrong.
> 
> This patch removes this reset for CONFIG_DEBUG_NET=y builds
> to let fuzzers and CI find bugs.
> 
> Signed-off-by: Eric Dumazet <edumazet@google.com>

Reviewed-by: Simon Horman <horms@kernel.org>
diff mbox series

Patch

diff --git a/net/core/dev.c b/net/core/dev.c
index 073f682a9653a212198b12bae17fafe7b46f96e9..d2b6b3b96459159dc6fbd34143821516e9d0c5bd 100644
--- a/net/core/dev.c
+++ b/net/core/dev.c
@@ -5476,8 +5476,14 @@  static int __netif_receive_skb_core(struct sk_buff **pskb, bool pfmemalloc,
 	orig_dev = skb->dev;
 
 	skb_reset_network_header(skb);
+#if !defined(CONFIG_DEBUG_NET)
+	/* We plan to no longer reset the transport header here.
+	 * Give some time to fuzzers and dev build to catch bugs
+	 * in network stacks.
+	 */
 	if (!skb_transport_header_was_set(skb))
 		skb_reset_transport_header(skb);
+#endif
 	skb_reset_mac_len(skb);
 
 	pt_prev = NULL;