On Thu, Mar 10, 2022 at 5:30 PM Jakub Kicinski kuba@kernel.org wrote:
On Thu, 10 Mar 2022 14:13:28 -0800 Tadeusz Struk wrote:
diff --git a/net/ipv6/ip6_output.c b/net/ipv6/ip6_output.c index 4788f6b37053..6d45112322a0 100644 --- a/net/ipv6/ip6_output.c +++ b/net/ipv6/ip6_output.c @@ -1649,6 +1649,16 @@ static int __ip6_append_data(struct sock *sk, skb->protocol = htons(ETH_P_IPV6); skb->ip_summed = csummode; skb->csum = 0;
/*
* Check if there is still room for payload
*/
TBH I think the check is self-explanatory. Not worth a banner comment, for sure.
if (fragheaderlen >= mtu) {
err = -EMSGSIZE;
kfree_skb(skb);
goto error;
}
Not sure if Willem prefers this placement, but seems like we can lift this check out of the loop, as soon as fragheaderlen and mtu are known.
/* reserve for fragmentation and ipsec header */ skb_reserve(skb, hh_len + sizeof(struct frag_hdr) + dst_exthdrlen);
Just updating this boundary check will do?
if (mtu < fragheaderlen || ((mtu - fragheaderlen) & ~7) + fragheaderlen < sizeof(struct frag_hdr)) goto emsgsize;