mirror of
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
synced 2025-01-16 02:14:58 +00:00
1e9b0e1c55
802.2+LLC+SNAP frames received by napi_complete_done() with GRO and DSA
have skb->transport_header set two bytes short, or pointing 2 bytes
before network_header & skb->data. This was an issue as snap_rcv()
expected offset to point to SNAP header (OID:PID), causing packet to
be dropped.
A fix at llc_fixup_skb() (a024e377efed) resets transport_header for any
LLC consumers that may care about it, and stops SNAP packets from being
dropped, but doesn't fix the problem which is that LLC and SNAP should
not use transport_header offset.
Ths patch eliminates the use of transport_header offset for SNAP lookup
of OID:PID so that SNAP does not rely on the offset at all.
The offset is reset after pull for any SNAP packet consumers that may
(but shouldn't) use it.
Fixes: fda55eca5a33 ("net: introduce skb_transport_header_was_set()")
Signed-off-by: Antonio Pastor <antonio.pastor@gmail.com>
Reviewed-by: Eric Dumazet <edumazet@google.com>
Link: https://patch.msgid.link/20250103012303.746521-1-antonio.pastor@gmail.com
Signed-off-by: Jakub Kicinski <kuba@kernel.org>
165 lines
3.3 KiB
C
165 lines
3.3 KiB
C
// SPDX-License-Identifier: GPL-2.0-or-later
|
|
/*
|
|
* SNAP data link layer. Derived from 802.2
|
|
*
|
|
* Alan Cox <alan@lxorguk.ukuu.org.uk>,
|
|
* from the 802.2 layer by Greg Page.
|
|
* Merged in additions from Greg Page's psnap.c.
|
|
*/
|
|
|
|
#include <linux/module.h>
|
|
#include <linux/netdevice.h>
|
|
#include <linux/skbuff.h>
|
|
#include <linux/slab.h>
|
|
#include <net/datalink.h>
|
|
#include <net/llc.h>
|
|
#include <net/psnap.h>
|
|
#include <linux/mm.h>
|
|
#include <linux/in.h>
|
|
#include <linux/init.h>
|
|
#include <linux/rculist.h>
|
|
|
|
static LIST_HEAD(snap_list);
|
|
static DEFINE_SPINLOCK(snap_lock);
|
|
static struct llc_sap *snap_sap;
|
|
|
|
/*
|
|
* Find a snap client by matching the 5 bytes.
|
|
*/
|
|
static struct datalink_proto *find_snap_client(const unsigned char *desc)
|
|
{
|
|
struct datalink_proto *proto = NULL, *p;
|
|
|
|
list_for_each_entry_rcu(p, &snap_list, node, lockdep_is_held(&snap_lock)) {
|
|
if (!memcmp(p->type, desc, 5)) {
|
|
proto = p;
|
|
break;
|
|
}
|
|
}
|
|
return proto;
|
|
}
|
|
|
|
/*
|
|
* A SNAP packet has arrived
|
|
*/
|
|
static int snap_rcv(struct sk_buff *skb, struct net_device *dev,
|
|
struct packet_type *pt, struct net_device *orig_dev)
|
|
{
|
|
int rc = 1;
|
|
struct datalink_proto *proto;
|
|
static struct packet_type snap_packet_type = {
|
|
.type = cpu_to_be16(ETH_P_SNAP),
|
|
};
|
|
|
|
if (unlikely(!pskb_may_pull(skb, 5)))
|
|
goto drop;
|
|
|
|
rcu_read_lock();
|
|
proto = find_snap_client(skb->data);
|
|
if (proto) {
|
|
/* Pass the frame on. */
|
|
skb_pull_rcsum(skb, 5);
|
|
skb_reset_transport_header(skb);
|
|
rc = proto->rcvfunc(skb, dev, &snap_packet_type, orig_dev);
|
|
}
|
|
rcu_read_unlock();
|
|
|
|
if (unlikely(!proto))
|
|
goto drop;
|
|
|
|
out:
|
|
return rc;
|
|
|
|
drop:
|
|
kfree_skb(skb);
|
|
goto out;
|
|
}
|
|
|
|
/*
|
|
* Put a SNAP header on a frame and pass to 802.2
|
|
*/
|
|
static int snap_request(struct datalink_proto *dl,
|
|
struct sk_buff *skb, const u8 *dest)
|
|
{
|
|
memcpy(skb_push(skb, 5), dl->type, 5);
|
|
llc_build_and_send_ui_pkt(snap_sap, skb, dest, snap_sap->laddr.lsap);
|
|
return 0;
|
|
}
|
|
|
|
/*
|
|
* Set up the SNAP layer
|
|
*/
|
|
EXPORT_SYMBOL(register_snap_client);
|
|
EXPORT_SYMBOL(unregister_snap_client);
|
|
|
|
static const char snap_err_msg[] __initconst =
|
|
KERN_CRIT "SNAP - unable to register with 802.2\n";
|
|
|
|
static int __init snap_init(void)
|
|
{
|
|
snap_sap = llc_sap_open(0xAA, snap_rcv);
|
|
if (!snap_sap) {
|
|
printk(snap_err_msg);
|
|
return -EBUSY;
|
|
}
|
|
|
|
return 0;
|
|
}
|
|
|
|
module_init(snap_init);
|
|
|
|
static void __exit snap_exit(void)
|
|
{
|
|
llc_sap_put(snap_sap);
|
|
}
|
|
|
|
module_exit(snap_exit);
|
|
|
|
|
|
/*
|
|
* Register SNAP clients. We don't yet use this for IP.
|
|
*/
|
|
struct datalink_proto *register_snap_client(const unsigned char *desc,
|
|
int (*rcvfunc)(struct sk_buff *,
|
|
struct net_device *,
|
|
struct packet_type *,
|
|
struct net_device *))
|
|
{
|
|
struct datalink_proto *proto = NULL;
|
|
|
|
spin_lock_bh(&snap_lock);
|
|
|
|
if (find_snap_client(desc))
|
|
goto out;
|
|
|
|
proto = kmalloc(sizeof(*proto), GFP_ATOMIC);
|
|
if (proto) {
|
|
memcpy(proto->type, desc, 5);
|
|
proto->rcvfunc = rcvfunc;
|
|
proto->header_length = 5 + 3; /* snap + 802.2 */
|
|
proto->request = snap_request;
|
|
list_add_rcu(&proto->node, &snap_list);
|
|
}
|
|
out:
|
|
spin_unlock_bh(&snap_lock);
|
|
|
|
return proto;
|
|
}
|
|
|
|
/*
|
|
* Unregister SNAP clients. Protocols no longer want to play with us ...
|
|
*/
|
|
void unregister_snap_client(struct datalink_proto *proto)
|
|
{
|
|
spin_lock_bh(&snap_lock);
|
|
list_del_rcu(&proto->node);
|
|
spin_unlock_bh(&snap_lock);
|
|
|
|
synchronize_net();
|
|
|
|
kfree(proto);
|
|
}
|
|
|
|
MODULE_DESCRIPTION("SNAP data link layer. Derived from 802.2");
|
|
MODULE_LICENSE("GPL");
|