Hi,
On Sun, 18 Sep 2016 13:26:30 -0700, [email protected] wrote:
> On Sun, Sep 18, 2016 at 3:09 AM, Shmulik Ladkani
> <[email protected]> wrote:
> > diff --git a/net/core/skbuff.c b/net/core/skbuff.c
> > index 1e329d4112..cc2c004838 100644
> > --- a/net/core/skbuff.c
> > +++ b/net/core/skbuff.c
> > @@ -4537,7 +4537,7 @@ int skb_vlan_pop(struct sk_buff *skb)
> > } else {
> > if (unlikely((skb->protocol != htons(ETH_P_8021Q) &&
> > skb->protocol != htons(ETH_P_8021AD)) ||
> > - skb->len < VLAN_ETH_HLEN))
> > + skb->mac_len < VLAN_ETH_HLEN))
>
> There is already check in __skb_vlan_pop() to validate skb for a vlan
> header. So it is safe to drop this check entirely.
Seems validation in '__skb_vlan_pop' has slightly different semantics:
unsigned int offset = skb->data - skb_mac_header(skb);
__skb_push(skb, offset);
err = skb_ensure_writable(skb, VLAN_ETH_HLEN);
this pushes 'data' back to mac_header, then makes sure there's sufficient
place in skb to _store_ VLAN_ETH_HLEN bytes (by pulling into linear part
if needed, or erroring if skb is too small).
There's no guarantee the original mac header was sized VLAN_ETH_HLEN.
Interpretation of the following
if (unlikely((skb->protocol != htons(ETH_P_8021Q) &&
skb->protocol != htons(ETH_P_8021AD)) ||
skb->len < VLAN_ETH_HLEN))
return 0;
in 'skb_vlan_pop' might be read as:
"there's no tag, or protocol says its a tag but it's insufficient to pop,
so lets do nothing".
Is it superflous?
Thanks,
Shmulik
