[NET]: Clone the sk_buff 'iif' field in __skb_clone()

Both NetLabel and SELinux (other LSMs may grow to use it as well) rely on the 'iif' field to determine the receiving network interface of inbound packets. Unfortunately, at present this field is not preserved across a skb clone operation which can lead to garbage values if the cloned skb is sent back through the network stack. This patch corrects this problem by properly copying the 'iif' field in __skb_clone() and removing the 'iif' field assignment from skb_act_clone() since it is no longer needed. Also, while we are here, put the assignments in the same order as the offsets to reduce cacheline bounces. Signed-off-by: Paul Moore <paul.moore@hp.com> Signed-off-by: David S. Miller <davem@davemloft.net>

[NET]: Clone the sk_buff 'iif' field in __skb_clone()
Both NetLabel and SELinux (other LSMs may grow to use it as well) rely on the 'iif' field to determine the receiving network interface of inbound packets. Unfortunately, at present this field is not preserved across a skb clone operation which can lead to garbage values if the cloned skb is sent back through the network stack. This patch corrects this problem by properly copying the 'iif' field in __skb_clone() and removing the 'iif' field assignment from skb_act_clone() since it is no longer needed. Also, while we are here, put the assignments in the same order as the offsets to reduce cacheline bounces. Signed-off-by: Paul Moore <paul.moore@hp.com> Signed-off-by: David S. Miller <davem@davemloft.net>
Paul Moore · David S. Miller
1 parent d8c9283089
Showing 2 changed files with 6 additions and 6 deletions Side-by-side Diff
include/net/sch_generic.h
net/core/skbuff.c
@@ -325,7 +325,6 @@
 		n->tc_verd = SET_TC_VERD(n->tc_verd, 0);
 		n->tc_verd = CLR_TC_OK2MUNGE(n->tc_verd);
 		n->tc_verd = CLR_TC_MUNGED(n->tc_verd);
-		n->iif = skb->iif;
 	}
 	return n;
 }
@@ -416,16 +416,17 @@
 	C(len);
 	C(data_len);
 	C(mac_len);
-	n->cloned = 1;
 	n->hdr_len = skb->nohdr ? skb_headroom(skb) : skb->hdr_len;
+	n->cloned = 1;
 	n->nohdr = 0;
 	n->destructor = NULL;
-	C(truesize);
-	atomic_set(&n->users, 1);
-	C(head);
-	C(data);
+	C(iif);
 	C(tail);
 	C(end);
+	C(head);
+	C(data);
+	C(truesize);
+	atomic_set(&n->users, 1);
  
 	atomic_inc(&(skb_shinfo(skb)->dataref));
 	skb->cloned = 1;
...	...	@@ -325,7 +325,6 @@
325	325	n->tc_verd = SET_TC_VERD(n->tc_verd, 0);
326	326	n->tc_verd = CLR_TC_OK2MUNGE(n->tc_verd);
327	327	n->tc_verd = CLR_TC_MUNGED(n->tc_verd);
328		- n->iif = skb->iif;
329	328	}
330	329	return n;
331	330	}
...	...	@@ -416,16 +416,17 @@
416	416	C(len);
417	417	C(data_len);
418	418	C(mac_len);
419		- n->cloned = 1;
420	419	n->hdr_len = skb->nohdr ? skb_headroom(skb) : skb->hdr_len;
	420	+ n->cloned = 1;
421	421	n->nohdr = 0;
422	422	n->destructor = NULL;
423		- C(truesize);
424		- atomic_set(&n->users, 1);
425		- C(head);
426		- C(data);
	423	+ C(iif);
427	424	C(tail);
428	425	C(end);
	426	+ C(head);
	427	+ C(data);
	428	+ C(truesize);
	429	+ atomic_set(&n->users, 1);
429	430
430	431	atomic_inc(&(skb_shinfo(skb)->dataref));
431	432	skb->cloned = 1;