Commit 2cf6bffc authored by Florian Westphal's avatar Florian Westphal Committed by Pablo Neira Ayuso
Browse files

netfilter: replace skb_make_writable with skb_ensure_writable 



This converts all remaining users and then removes skb_make_writable.

Suggested-by: default avatarDaniel Borkmann <daniel@iogearbox.net>
Signed-off-by: default avatarFlorian Westphal <fw@strlen.de>
Signed-off-by: default avatarPablo Neira Ayuso <pablo@netfilter.org>
parent fb2eb1c1

include/linux/netfilter.h

+0 −5
Original line number Diff line number Diff line
@@ -336,11 +336,6 @@ int compat_nf_getsockopt(struct sock *sk, u_int8_t pf, int optval, 
		char __user *opt, int *len);

#endif



/* Call this before modifying an existing packet: ensures it is

   modifiable and linear to the point you care about (writable_len).

   Returns true or false. */

int skb_make_writable(struct sk_buff *skb, unsigned int writable_len);



struct flowi;

struct nf_queue_entry;

net/netfilter/core.c

+0 −22
Original line number Diff line number Diff line
@@ -536,28 +536,6 @@ int nf_hook_slow(struct sk_buff *skb, struct nf_hook_state *state, 
}

EXPORT_SYMBOL(nf_hook_slow);





int skb_make_writable(struct sk_buff *skb, unsigned int writable_len)

{

	if (writable_len > skb->len)

		return 0;



	/* Not exclusive use of packet?  Must copy. */

	if (!skb_cloned(skb)) {

		if (writable_len <= skb_headlen(skb))

			return 1;

	} else if (skb_clone_writable(skb, writable_len))

		return 1;



	if (writable_len <= skb_headlen(skb))

		writable_len = 0;

	else

		writable_len -= skb_headlen(skb);



	return !!__pskb_pull_tail(skb, writable_len);

}

EXPORT_SYMBOL(skb_make_writable);



/* This needs to be compiled in any case to avoid dependencies between the

 * nfnetlink_queue code and nf_conntrack.

 */

net/netfilter/nf_synproxy_core.c

+1 −1
Original line number Diff line number Diff line
@@ -196,7 +196,7 @@ unsigned int synproxy_tstamp_adjust(struct sk_buff *skb, 
	optoff = protoff + sizeof(struct tcphdr);

	optend = protoff + th->doff * 4;



	if (!skb_make_writable(skb, optend))

	if (skb_ensure_writable(skb, optend))

		return 0;



	while (optoff < optend) {

net/netfilter/nfnetlink_queue.c

+1 −1
Original line number Diff line number Diff line
@@ -863,7 +863,7 @@ nfqnl_mangle(void *data, int data_len, struct nf_queue_entry *e, int diff) 
		}

		skb_put(e->skb, diff);

	}

	if (!skb_make_writable(e->skb, data_len))

	if (skb_ensure_writable(e->skb, data_len))

		return -ENOMEM;

	skb_copy_to_linear_data(e->skb, data, data_len);

	e->skb->ip_summed = CHECKSUM_NONE;

net/netfilter/xt_DSCP.c

+4 −4
Original line number Diff line number Diff line
@@ -34,7 +34,7 @@ dscp_tg(struct sk_buff *skb, const struct xt_action_param *par) 
	u_int8_t dscp = ipv4_get_dsfield(ip_hdr(skb)) >> XT_DSCP_SHIFT;



	if (dscp != dinfo->dscp) {

		if (!skb_make_writable(skb, sizeof(struct iphdr)))

		if (skb_ensure_writable(skb, sizeof(struct iphdr)))

			return NF_DROP;



		ipv4_change_dsfield(ip_hdr(skb),
@@ -52,7 +52,7 @@ dscp_tg6(struct sk_buff *skb, const struct xt_action_param *par) 
	u_int8_t dscp = ipv6_get_dsfield(ipv6_hdr(skb)) >> XT_DSCP_SHIFT;



	if (dscp != dinfo->dscp) {

		if (!skb_make_writable(skb, sizeof(struct ipv6hdr)))

		if (skb_ensure_writable(skb, sizeof(struct ipv6hdr)))

			return NF_DROP;



		ipv6_change_dsfield(ipv6_hdr(skb),
@@ -82,7 +82,7 @@ tos_tg(struct sk_buff *skb, const struct xt_action_param *par) 
	nv   = (orig & ~info->tos_mask) ^ info->tos_value;



	if (orig != nv) {

		if (!skb_make_writable(skb, sizeof(struct iphdr)))

		if (skb_ensure_writable(skb, sizeof(struct iphdr)))

			return NF_DROP;

		iph = ip_hdr(skb);

		ipv4_change_dsfield(iph, 0, nv);
@@ -102,7 +102,7 @@ tos_tg6(struct sk_buff *skb, const struct xt_action_param *par) 
	nv   = (orig & ~info->tos_mask) ^ info->tos_value;



	if (orig != nv) {

		if (!skb_make_writable(skb, sizeof(struct iphdr)))

		if (skb_ensure_writable(skb, sizeof(struct iphdr)))

			return NF_DROP;

		iph = ipv6_hdr(skb);

		ipv6_change_dsfield(iph, 0, nv);

CRA Git | Maintained and supported by SUSTech CRA and CCSE