| Message ID | AM6PR03MB5848A1EE8F0EBA45D440F8EA99222@AM6PR03MB5848.eurprd03.prod.outlook.com (mailing list archive) |
|---|---|
| State | Changes Requested |
| Delegated to: | Netdev Maintainers |
| Headers | show |
| Series | [net-next] net: ipv4, ipv6: Fix incorrect skb->data_len caused by __ip_append_data | expand |
On Tue, 5 Mar 2024 22:42:05 +0000 Juntong Deng wrote: > When __ip_append_data allocate the first skb in the queue, or when the > size of the data in the skb exceed the MTU and require a new fragment > and allocate a new skb, both cause the size of the data increased by > this __ip_append_data to not be added to skb->data_len. > > This is because in the current __ip_append_data, skb_put is used when > putting in the data for the new skb, but skb_put only increase skb->len, > but not skb->data_len, resulting in skb->data_len missing this part of > the data size. > > All skb processed by __ip_append_data are unable to obtain the accurate > data size based on skb->data_len for the above reason. > > Also __ip6_append_data has the same problem. > > This patch fixes the bug. data_len is the amount of data in the non-linear parts of the skb. Please run some tests before submitting patches.
diff --git a/net/ipv4/ip_output.c b/net/ipv4/ip_output.c index 1fe794967211..42686be0a843 100644 --- a/net/ipv4/ip_output.c +++ b/net/ipv4/ip_output.c @@ -1171,6 +1171,9 @@ static int __ip_append_data(struct sock *sk, copy = 0; } + if (copy >= 0) + skb->data_len += copy; + offset += copy; length -= copy + transhdrlen; transhdrlen = 0; diff --git a/net/ipv6/ip6_output.c b/net/ipv6/ip6_output.c index 31b86fe661aa..2091b91513f0 100644 --- a/net/ipv6/ip6_output.c +++ b/net/ipv6/ip6_output.c @@ -1689,6 +1689,9 @@ static int __ip6_append_data(struct sock *sk, copy = 0; } + if (copy >= 0) + skb->data_len += copy; + offset += copy; length -= copy + transhdrlen; transhdrlen = 0;
When __ip_append_data allocate the first skb in the queue, or when the size of the data in the skb exceed the MTU and require a new fragment and allocate a new skb, both cause the size of the data increased by this __ip_append_data to not be added to skb->data_len. This is because in the current __ip_append_data, skb_put is used when putting in the data for the new skb, but skb_put only increase skb->len, but not skb->data_len, resulting in skb->data_len missing this part of the data size. All skb processed by __ip_append_data are unable to obtain the accurate data size based on skb->data_len for the above reason. Also __ip6_append_data has the same problem. This patch fixes the bug. Signed-off-by: Juntong Deng <juntong.deng@outlook.com> --- net/ipv4/ip_output.c | 3 +++ net/ipv6/ip6_output.c | 3 +++ 2 files changed, 6 insertions(+)