Le 09/11/2018 à 19:51, Martin Lau a écrit :
> On Thu, Nov 08, 2018 at 04:11:37PM +0100, Nicolas Dichtel wrote:
[snip]
>> +static int bpf_skb_data_shrink(struct sk_buff *skb, u32 len)
>> +{
>> + unsigned short hhlen = skb->dev->header_ops ?
>> + skb->dev->hard_header_len : 0;
>> + int ret;
>> +
>> + ret = skb_unclone(skb, GFP_ATOMIC);
>> + if (unlikely(ret < 0))
>> + return ret;
>> +
>> + __skb_pull(skb, len);
>> + skb_reset_mac_header(skb);
>> + skb_reset_network_header(skb);
>> + skb->network_header += hhlen;
>> + skb_reset_transport_header(skb);
> hmm...why transport_header does not need += hhlen here
> while network_header does?
network_header is mandatory because bpf_redirect(BPF_F_INGRESS) can be called
and network_header is expected to be correctly set in this case.
For transport_header, I choose to not set it, because the stack will set it
later (for example ip_rcv_core()).
Regards,
Nicolas
