netfilter: nf_ct_sane: remove pseudo skb linearization
authorFlorian Westphal <fw@strlen.de>
Tue, 9 Aug 2022 13:16:32 +0000 (15:16 +0200)
committerPablo Neira Ayuso <pablo@netfilter.org>
Thu, 11 Aug 2022 14:50:25 +0000 (16:50 +0200)
commita664375da76c6da8f83dc7997e43c568e1eb9a6a
tree7044005820acce1b7f596c8722e8042adfe5b8e6
parentc485c35ff6783ccd12c160fcac6a0e504e83e0bf
netfilter: nf_ct_sane: remove pseudo skb linearization

For historical reason this code performs pseudo linearization of skbs
via skb_header_pointer and a global 64k buffer.

With arrival of BIG TCP, packets generated by TCP stack can exceed 64kb.

Rewrite this to only extract the needed header data.  This also allows
to get rid of the locking.

Fixes: 7c4e983c4f3c ("net: allow gso_max_size to exceed 65536")
Fixes: 0fe79f28bfaf ("net: allow gro_max_size to exceed 65536")
Signed-off-by: Florian Westphal <fw@strlen.de>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
net/netfilter/nf_conntrack_sane.c