
Commit fb2eb1c

Florian Westphalummakynes
authored andcommitted
netfilter: tcpmss, optstrip: prefer skb_ensure_writable
This also changes optstrip to only make the tcp header writeable rather than the entire packet. Signed-off-by: Florian Westphal <[email protected]> Signed-off-by: Pablo Neira Ayuso <[email protected]>
1 parent 8e03707 commit fb2eb1c


2 files changed

+14
-16
lines changed


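--- a/net/netfilter/xt_TCPMSS.c
+++ b/net/netfilter/xt_TCPMSS.c
@@ -89,7 +89,7 @@ tcpmss_mangle_packet(struct sk_buff *skb,
 if (par->fragoff != 0)
 return 0;
 
-if (!skb_make_writable(skb, skb->len))
+if (skb_ensure_writable(skb, skb->len))
 return -1;
 
 len = skb->len - tcphoff;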
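Review bot: The flipped return convention at the writability check is easy to miss: `skb_make_writable()` was tested with `!` and `skb_ensure_writable()` is tested without it, so the new helper evidently returns 0 on success. A one-line comment above the check, such as `/* returns 0 on success; on failure the skb must not be modified */`, would help keep a later backport or copy-paste from reintroducing the negation. With the negation restored, the success path would return -1 and the failure path would go on to mangle a buffer that was never made writable. tcpmss_mangle_packet's body starts and ends outside this hunk.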

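--- a/net/netfilter/xt_TCPOPTSTRIP.c
+++ b/net/netfilter/xt_TCPOPTSTRIP.c
@@ -31,33 +31,33 @@ static inline unsigned int optlen(const u_int8_t *opt, unsigned int offset)
 static unsigned int
 tcpoptstrip_mangle_packet(struct sk_buff *skb,
 const struct xt_action_param *par,
-unsigned int tcphoff, unsigned int minlen)
+unsigned int tcphoff)
 {
 const struct xt_tcpoptstrip_target_info *info = par->targinfo;
+struct tcphdr *tcph, _th;
 unsigned int optl, i, j;
-struct tcphdr *tcph;
 u_int16_t n, o;
 u_int8_t *opt;
-int len, tcp_hdrlen;
+int tcp_hdrlen;
 
 /* This is a fragment, no TCP header is available */
 if (par->fragoff != 0)
 return XT_CONTINUE;
 
-if (!skb_make_writable(skb, skb->len))
+tcph = skb_header_pointer(skb, tcphoff, sizeof(_th), &_th);
+if (!tcph)
 return NF_DROP;
 
-len = skb->len - tcphoff;
-if (len < (int)sizeof(struct tcphdr))
-return NF_DROP;
-
-tcph = (struct tcphdr *)(skb_network_header(skb) + tcphoff);
 tcp_hdrlen = tcph->doff * 4;
+if (tcp_hdrlen < sizeof(struct tcphdr))
+return NF_DROP;
 
-if (len < tcp_hdrlen)
+if (skb_ensure_writable(skb, tcphoff + tcp_hdrlen))
 return NF_DROP;
 
-opt = (u_int8_t *)tcph;
+/* must reload tcph, might have been moved */
+tcph = (struct tcphdr *)(skb_network_header(skb) + tcphoff);
+opt = (u8 *)tcph;
 
 /*
 * Walk through all TCP options - if we find some option to remove,
@@ -91,8 +91,7 @@ tcpoptstrip_mangle_packet(struct sk_buff *skb,
 static unsigned int
 tcpoptstrip_tg4(struct sk_buff *skb, const struct xt_action_param *par)
 {
-return tcpoptstrip_mangle_packet(skb, par, ip_hdrlen(skb),
-sizeof(struct iphdr) + sizeof(struct tcphdr));
+return tcpoptstrip_mangle_packet(skb, par, ip_hdrlen(skb));
 }
 
 #if IS_ENABLED(CONFIG_IP6_NF_MANGLE)
@@ -109,8 +108,7 @@ tcpoptstrip_tg6(struct sk_buff *skb, const struct xt_action_param *par)
 if (tcphoff < 0)
 return NF_DROP;
 
-return tcpoptstrip_mangle_packet(skb, par, tcphoff,
-sizeof(*ipv6h) + sizeof(struct tcphdr));
+return tcpoptstrip_mangle_packet(skb, par, tcphoff);
 }
 #endif
 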
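Review bot: In the first hunk the explicit `len < tcp_hdrlen` test is gone, so the only thing bounding the option walk that follows is `skb_ensure_writable(skb, tcphoff + tcp_hdrlen)` failing when the packet is shorter than the header length claimed by `doff`. That appears to hold because the helper has to pull that many bytes before making them writable, but it is an implicit contract and deserves a comment above the call, for example `/* also rejects packets shorter than tcphoff + tcp_hdrlen, which bounds the option walk below */`. Separately, `tcp_hdrlen` stays `int` while it is compared with `sizeof(struct tcphdr)` and added to the unsigned `tcphoff`; declaring it `unsigned int tcp_hdrlen;` would remove the mixed-sign comparison. The body of tcpoptstrip_mangle_packet continues past the end of this hunk.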
