Skip to content

Commit f15ca72

Browse files
NicolasDichteldavem330
NicolasDichtel
authored and
davem330
committed
net: don't call update_pmtu unconditionally
Some dst_ops (e.g. md_dst_ops)) doesn't set this handler. It may result to: "BUG: unable to handle kernel NULL pointer dereference at (null)" Let's add a helper to check if update_pmtu is available before calling it. Fixes: 52a589d ("geneve: update skb dst pmtu on tx path") Fixes: a93bf0f ("vxlan: update skb dst pmtu on tx path") CC: Roman Kapl <code@rkapl.cz> CC: Xin Long <lucien.xin@gmail.com> Signed-off-by: Nicolas Dichtel <nicolas.dichtel@6wind.com> Signed-off-by: David S. Miller <davem@davemloft.net>
1 parent 4ee806d commit f15ca72

File tree

9 files changed

+20
-18
lines changed

9 files changed

+20
-18
lines changed

drivers/infiniband/ulp/ipoib/ipoib_cm.c

Lines changed: 1 addition & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -1456,8 +1456,7 @@ void ipoib_cm_skb_too_long(struct net_device *dev, struct sk_buff *skb,
14561456
struct ipoib_dev_priv *priv = ipoib_priv(dev);
14571457
int e = skb_queue_empty(&priv->cm.skb_queue);
14581458

1459-
if (skb_dst(skb))
1460-
skb_dst(skb)->ops->update_pmtu(skb_dst(skb), NULL, skb, mtu);
1459+
skb_dst_update_pmtu(skb, mtu);
14611460

14621461
skb_queue_tail(&priv->cm.skb_queue, skb);
14631462
if (e)

drivers/net/geneve.c

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -829,7 +829,7 @@ static int geneve_xmit_skb(struct sk_buff *skb, struct net_device *dev,
829829
int mtu = dst_mtu(&rt->dst) - sizeof(struct iphdr) -
830830
GENEVE_BASE_HLEN - info->options_len - 14;
831831

832-
skb_dst(skb)->ops->update_pmtu(skb_dst(skb), NULL, skb, mtu);
832+
skb_dst_update_pmtu(skb, mtu);
833833
}
834834

835835
sport = udp_flow_src_port(geneve->net, skb, 1, USHRT_MAX, true);
@@ -875,7 +875,7 @@ static int geneve6_xmit_skb(struct sk_buff *skb, struct net_device *dev,
875875
int mtu = dst_mtu(dst) - sizeof(struct ipv6hdr) -
876876
GENEVE_BASE_HLEN - info->options_len - 14;
877877

878-
skb_dst(skb)->ops->update_pmtu(skb_dst(skb), NULL, skb, mtu);
878+
skb_dst_update_pmtu(skb, mtu);
879879
}
880880

881881
sport = udp_flow_src_port(geneve->net, skb, 1, USHRT_MAX, true);

drivers/net/vxlan.c

Lines changed: 2 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -2158,8 +2158,7 @@ static void vxlan_xmit_one(struct sk_buff *skb, struct net_device *dev,
21582158
if (skb_dst(skb)) {
21592159
int mtu = dst_mtu(ndst) - VXLAN_HEADROOM;
21602160

2161-
skb_dst(skb)->ops->update_pmtu(skb_dst(skb), NULL,
2162-
skb, mtu);
2161+
skb_dst_update_pmtu(skb, mtu);
21632162
}
21642163

21652164
tos = ip_tunnel_ecn_encap(tos, old_iph, skb);
@@ -2200,8 +2199,7 @@ static void vxlan_xmit_one(struct sk_buff *skb, struct net_device *dev,
22002199
if (skb_dst(skb)) {
22012200
int mtu = dst_mtu(ndst) - VXLAN6_HEADROOM;
22022201

2203-
skb_dst(skb)->ops->update_pmtu(skb_dst(skb), NULL,
2204-
skb, mtu);
2202+
skb_dst_update_pmtu(skb, mtu);
22052203
}
22062204

22072205
tos = ip_tunnel_ecn_encap(tos, old_iph, skb);

include/net/dst.h

Lines changed: 8 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -521,4 +521,12 @@ static inline struct xfrm_state *dst_xfrm(const struct dst_entry *dst)
521521
}
522522
#endif
523523

524+
static inline void skb_dst_update_pmtu(struct sk_buff *skb, u32 mtu)
525+
{
526+
struct dst_entry *dst = skb_dst(skb);
527+
528+
if (dst && dst->ops->update_pmtu)
529+
dst->ops->update_pmtu(dst, NULL, skb, mtu);
530+
}
531+
524532
#endif /* _NET_DST_H */

net/ipv4/ip_tunnel.c

Lines changed: 1 addition & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -520,8 +520,7 @@ static int tnl_update_pmtu(struct net_device *dev, struct sk_buff *skb,
520520
else
521521
mtu = skb_dst(skb) ? dst_mtu(skb_dst(skb)) : dev->mtu;
522522

523-
if (skb_dst(skb))
524-
skb_dst(skb)->ops->update_pmtu(skb_dst(skb), NULL, skb, mtu);
523+
skb_dst_update_pmtu(skb, mtu);
525524

526525
if (skb->protocol == htons(ETH_P_IP)) {
527526
if (!skb_is_gso(skb) &&

net/ipv4/ip_vti.c

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -200,7 +200,7 @@ static netdev_tx_t vti_xmit(struct sk_buff *skb, struct net_device *dev,
200200

201201
mtu = dst_mtu(dst);
202202
if (skb->len > mtu) {
203-
skb_dst(skb)->ops->update_pmtu(skb_dst(skb), NULL, skb, mtu);
203+
skb_dst_update_pmtu(skb, mtu);
204204
if (skb->protocol == htons(ETH_P_IP)) {
205205
icmp_send(skb, ICMP_DEST_UNREACH, ICMP_FRAG_NEEDED,
206206
htonl(mtu));

net/ipv6/ip6_tunnel.c

Lines changed: 2 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -642,8 +642,7 @@ ip4ip6_err(struct sk_buff *skb, struct inet6_skb_parm *opt,
642642
if (rel_info > dst_mtu(skb_dst(skb2)))
643643
goto out;
644644

645-
skb_dst(skb2)->ops->update_pmtu(skb_dst(skb2), NULL, skb2,
646-
rel_info);
645+
skb_dst_update_pmtu(skb2, rel_info);
647646
}
648647

649648
icmp_send(skb2, rel_type, rel_code, htonl(rel_info));
@@ -1131,8 +1130,7 @@ int ip6_tnl_xmit(struct sk_buff *skb, struct net_device *dev, __u8 dsfield,
11311130
mtu = 576;
11321131
}
11331132

1134-
if (skb_dst(skb) && !t->parms.collect_md)
1135-
skb_dst(skb)->ops->update_pmtu(skb_dst(skb), NULL, skb, mtu);
1133+
skb_dst_update_pmtu(skb, mtu);
11361134
if (skb->len - t->tun_hlen - eth_hlen > mtu && !skb_is_gso(skb)) {
11371135
*pmtu = mtu;
11381136
err = -EMSGSIZE;

net/ipv6/ip6_vti.c

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -483,7 +483,7 @@ vti6_xmit(struct sk_buff *skb, struct net_device *dev, struct flowi *fl)
483483

484484
mtu = dst_mtu(dst);
485485
if (!skb->ignore_df && skb->len > mtu) {
486-
skb_dst(skb)->ops->update_pmtu(dst, NULL, skb, mtu);
486+
skb_dst_update_pmtu(skb, mtu);
487487

488488
if (skb->protocol == htons(ETH_P_IPV6)) {
489489
if (mtu < IPV6_MIN_MTU)

net/ipv6/sit.c

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -934,8 +934,8 @@ static netdev_tx_t ipip6_tunnel_xmit(struct sk_buff *skb,
934934
df = 0;
935935
}
936936

937-
if (tunnel->parms.iph.daddr && skb_dst(skb))
938-
skb_dst(skb)->ops->update_pmtu(skb_dst(skb), NULL, skb, mtu);
937+
if (tunnel->parms.iph.daddr)
938+
skb_dst_update_pmtu(skb, mtu);
939939

940940
if (skb->len > mtu && !skb_is_gso(skb)) {
941941
icmpv6_send(skb, ICMPV6_PKT_TOOBIG, 0, mtu);

0 commit comments

Comments
 (0)