Message ID | 1378788533-5609-1-git-send-email-govindarajulu90@gmail.com |
---|---|
State | Rejected, archived |
Delegated to: | David Miller |
On Tue, 2013-09-10 at 10:18 +0530, Govindarajulu Varadarajan wrote:
> The following patch memset the skb to 0 after alloc. We do this in
> __alloc_skb_head, __alloc_skb, build_skb. We are missing this in
> skb_clone.
>
> The following call to __skb_clone in skb_clone does not copy all the
> members of sk_buff. If we do not clear the skb to 0, we will have some
> uninitialized members in new skb.

Which ones exactly?

I would rather make sure all fields are properly copied.

Your patch is incomplete, because it doesn't handle the fast clone case.

--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html

On Tue, 10 Sep 2013, Eric Dumazet wrote:
> On Tue, 2013-09-10 at 10:18 +0530, Govindarajulu Varadarajan wrote:
>> The following patch memset the skb to 0 after alloc. We do this in
>> __alloc_skb_head, __alloc_skb, build_skb. We are missing this in
>> skb_clone.
>>
>> The following call to __skb_clone in skb_clone does not copy all the
>> members of sk_buff. If we do not clear the skb to 0, we will have some
>> uninitialized members in new skb.
>
> Which ones exactly?
>
> I would rather make sure all fields are properly copied.
>
> Your patch is incomplete, because it doesn't handle the fast clone case.

Sorry, my bad. Didn't check the __copy_skb_header completely.

thanks
//govind

diff --git a/net/core/skbuff.c b/net/core/skbuff.c index d81cff1..fc78f66 100644 --- a/net/core/skbuff.c +++ b/net/core/skbuff.c @@ -891,6 +891,7 @@ struct sk_buff *skb_clone(struct sk_buff *skb, gfp_t gfp_mask) n = kmem_cache_alloc(skbuff_head_cache, gfp_mask); if (!n) return NULL; + memset(n, 0, offsetof(struct sk_buff, tail)); kmemcheck_annotate_bitfield(n, flags1); kmemcheck_annotate_bitfield(n, flags2);
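
Review bot: the `memset(n, 0, offsetof(struct sk_buff, tail))` added after the `if (!n) return NULL;` check runs only on the branch that allocates `n` with `kmem_cache_alloc(skbuff_head_cache, gfp_mask)`, so a clone obtained any other way (the fast clone case raised in the reply) is left as before and the two paths would behave differently. The commit message should also name the sk_buff members it believes are not copied; if any exist, copying them explicitly in the clone helper is a narrower fix than zeroing the head of every clone allocated on this branch.
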
The following patch memset the skb to 0 after alloc. We do this in
__alloc_skb_head, __alloc_skb, build_skb. We are missing this in
skb_clone.

The following call to __skb_clone in skb_clone does not copy all the
members of sk_buff. If we do not clear the skb to 0, we will have some
uninitialized members in new skb.

Signed-off-by: Govindarajulu Varadarajan <govindarajulu90@gmail.com>
---
 net/core/skbuff.c | 1 +
 1 file changed, 1 insertion(+)
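
The concern stated in the commit message, as an added user-space example that is not part of the patch or the kernel source: a clone helper that skips one member leaves whatever the recycled allocation last held, and zeroing up to `offsetof(..., tail)` hides it. The `toy_buf` struct, the one-slot pool and all function names are hypothetical; this does not model the real sk_buff layout or its copy helpers.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical stand-in for sk_buff, not the kernel layout. */
struct toy_buf {
    void *owner;           /* copied by toy_clone() */
    unsigned int mark;     /* copied by toy_clone() */
    unsigned int secmark;  /* deliberately skipped by toy_clone() */
    unsigned char *tail;   /* first field past the zeroed region */
    unsigned char *data;
};

/* One-slot pool standing in for a slab cache: memory is handed back as-is. */
static struct toy_buf pool_slot;
static struct toy_buf *pool_alloc(void) { return &pool_slot; }

/* Clone that copies only some members, optionally zeroing the head first. */
struct toy_buf *toy_clone(const struct toy_buf *src, int zero_head)
{
    struct toy_buf *n = pool_alloc();
    if (!n)
        return NULL;
    if (zero_head)
        memset(n, 0, offsetof(struct toy_buf, tail));
    n->owner = src->owner;
    n->mark = src->mark;
    n->tail = src->tail;
    n->data = src->data;
    return n;
}

/* Dirty the slot as a previous user would, then report the clone's secmark. */
unsigned int stale_secmark_after_clone(int zero_head)
{
    struct toy_buf src = { .mark = 7 };   /* constructed input, secmark == 0 */
    struct toy_buf *prev = pool_alloc();

    memset(prev, 0, sizeof(*prev));
    prev->secmark = 0xdeadbeefu;          /* left behind by the old object */
    return toy_clone(&src, zero_head)->secmark;
}

int main(void)
{
    printf("no memset:   0x%x\n", stale_secmark_after_clone(0));
    printf("with memset: 0x%x\n", stale_secmark_after_clone(1));
    return 0;
}
```

Copying `secmark` explicitly in `toy_clone()` removes the stale value without the memset, which is the approach the review reply prefers.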