tc ebpf da failed to read the udp data when data length >= 215

Hello: I am having an odd issue. I tried to read the udp data by tc ebpf da, however it worked only when the data length <= 214. As far as I know, data_end points to the end of the linear data, that means the skb should be enough for more than 214 in general. Any ideas about how to

Is it safe to modify the data directly instead of bpf helper function in tc direct-action mode?

I tried the 3 line code: __builtin_memcpy(skb, &ip->saddr, &src, sizeof(src); __builtin_memcpy(skb, &ip->daddr, &dst, sizeof(dst); ip->check = 0x12; To my surprise, tc dit not reject the code in direct-action mode. IIRC, since skb must stays uncloned, the verifier will detect all the writes, whic

Failed to call bpf_l3_csum_replace() twice for IPIP tunnel

hello, I am trying to modify the src addr (both inner and outer) of IPIP tunnel. this is the testing code: === void *data = (void *)(long)skb->data; void *data_end = (void *)(long)skb->data_end; struct ethhdr *eth = data; struct iphdr *ip_outer = (void *)(eth