On 10/7/15 6:09 AM, Daniel Borkmann wrote:
bpf_prog_run_clear_cb() wouldn't work on dev_forward_skb() as
skb->pkt_type is then being scrubbed to PACKET_HOST, so on the
receive path, AF_PACKET might not always see clean skbs->cb[]
as assumed ... I think that the skb->pkt_type part needs to be
drop
On 10/07/2015 11:39 AM, Daniel Borkmann wrote:
On 10/07/2015 04:18 AM, Alexei Starovoitov wrote:
eBPF socket filter programs may see junk in 'u32 cb[5]' area,
since it could have been used by protocol layers earlier.
On the receive path the af_packet sees clean skb->cb.
On the xmit the dev_queu
On 10/07/2015 04:18 AM, Alexei Starovoitov wrote:
eBPF socket filter programs may see junk in 'u32 cb[5]' area,
since it could have been used by protocol layers earlier.
On the receive path the af_packet sees clean skb->cb.
On the xmit the dev_queue_xmit_nit() delivers cloned skb, so we can
cond
eBPF socket filter programs may see junk in 'u32 cb[5]' area,
since it could have been used by protocol layers earlier.
On the receive path the af_packet sees clean skb->cb.
On the xmit the dev_queue_xmit_nit() delivers cloned skb, so we can
conditionally clean 20 bytes of skb->cb that could be us
