Skip to content

Commit

Permalink
Multiple BPF-helpers that can manipulate/increase the size of the SKB…
Browse files Browse the repository at this point in the history 
… uses

__bpf_skb_max_len() as the max-length. This function limit size against the
current net_device MTU (skb->dev->mtu).

Often packets gets redirected to another net_device, that can have a larger
MTU, and this is the MTU that should count. The MTU limiting at this stage
seems wrong and redundant as the netstack will handle MTU checking
elsewhere.

Redirecting into sockmap by sk_skb programs already skip this MTU check.
Keep what commit 0c6bc6e ("bpf: fix sk_skb programs without skb->dev
assigned") did, and limit the max_len to SKB_MAX_ALLOC.

Also notice that the max_len MTU check is already skipped for GRO SKBs
(skb_is_gso), in both bpf_skb_adjust_room() and bpf_skb_change_head().
Thus, it is clearly safe to remove this check.

Signed-off-by: Jesper Dangaard Brouer <brouer@redhat.com>
---
 net/core/filter.c |    3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)
  • Loading branch information
@netoptimizer @tsipa
netoptimizer authored and tsipa committed Sep 4, 2020
1 parent de815e2 commit f9f5af7
Showing 1 changed file with 1 addition and 2 deletions.
3 changes: 1 addition & 2 deletions net/core/filter.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -3211,8 +3211,7 @@ static int bpf_skb_net_shrink(struct sk_buff *skb, u32 off, u32 len_diff,

static u32 __bpf_skb_max_len(const struct sk_buff *skb)
{
return skb->dev ? skb->dev->mtu + skb->dev->hard_header_len :
SKB_MAX_ALLOC;
return SKB_MAX_ALLOC;
}

BPF_CALL_4(bpf_skb_adjust_room, struct sk_buff *, skb, s32, len_diff,
Expand Down

0 comments on commit f9f5af7

Please sign in to comment.