Merge branch 'drop_monitor-Better-sanitize-notified-packets'

Ido Schimmel says:

====================
drop_monitor: Better sanitize notified packets

When working in 'packet' mode, drop monitor generates a notification
with a potentially truncated payload of the dropped packet. The payload
is copied from the MAC header, but I forgot to check that the MAC header
was set, so do it now.

Patch #1 sets the offsets to the various protocol layers in netdevsim,
so that it will continue to work after the MAC header check is added to
drop monitor in patch #2.
====================

Signed-off-by: David S. Miller <davem@davemloft.net>

diff --git a/drivers/net/netdevsim/dev.c b/drivers/net/netdevsim/dev.c
index 7fba7b2..56576d4 100644 (file)
--- a/drivers/net/netdevsim/dev.c
+++ b/drivers/net/netdevsim/dev.c
@@ -374,12 +374,14 @@ static struct sk_buff *nsim_dev_trap_skb_build(void)
                return NULL;
        tot_len = sizeof(struct iphdr) + sizeof(struct udphdr) + data_len;
 
+       skb_reset_mac_header(skb);
        eth = skb_put(skb, sizeof(struct ethhdr));
        eth_random_addr(eth->h_dest);
        eth_random_addr(eth->h_source);
        eth->h_proto = htons(ETH_P_IP);
        skb->protocol = htons(ETH_P_IP);
 
+       skb_set_network_header(skb, skb->len);
        iph = skb_put(skb, sizeof(struct iphdr));
        iph->protocol = IPPROTO_UDP;
        iph->saddr = in_aton("192.0.2.1");
@@ -392,6 +394,7 @@ static struct sk_buff *nsim_dev_trap_skb_build(void)
        iph->check = 0;
        iph->check = ip_fast_csum((unsigned char *)iph, iph->ihl);
 
+       skb_set_transport_header(skb, skb->len);
        udph = skb_put_zero(skb, sizeof(struct udphdr) + data_len);
        get_random_bytes(&udph->source, sizeof(u16));
        get_random_bytes(&udph->dest, sizeof(u16));

diff --git a/net/core/drop_monitor.c b/net/core/drop_monitor.c
index cc60cc2..536e032 100644 (file)
--- a/net/core/drop_monitor.c
+++ b/net/core/drop_monitor.c
@@ -487,6 +487,9 @@ static void net_dm_packet_trace_kfree_skb_hit(void *ignore,
        struct sk_buff *nskb;
        unsigned long flags;
 
+       if (!skb_mac_header_was_set(skb))
+               return;
+
        nskb = skb_clone(skb, GFP_ATOMIC);
        if (!nskb)
                return;
@@ -900,6 +903,9 @@ net_dm_hw_packet_probe(struct sk_buff *skb,
        struct sk_buff *nskb;
        unsigned long flags;
 
+       if (!skb_mac_header_was_set(skb))
+               return;
+
        nskb = skb_clone(skb, GFP_ATOMIC);
        if (!nskb)
                return;