Thank you for your thorough review comment!

On Fri, Jul 31, 2020 at 7:13 AM Willem de Bruijn <willemdebruijn.ker...@gmail.com> wrote:
>
> Thanks for fixing a kernel panic. The existing line was added recently
> in commit 9dc829a135fb ("drivers/net/wan/lapbether: Fixed the value of
> hard_header_len"). I assume a kernel with that commit reverted also
> panics? It does look like it would.

Yes, that commit also fixed a kernel panic. But that patch only fixed the kernel panic when using AF_PACKET/DGRAM sockets. It didn't fix the kernel panic when using AF_PACKET/RAW sockets. This patch attempts to fix the kernel panic when using AF_PACKET/RAW sockets, too.

> If this driver submits a modified packet to an underlying eth device,
> it is akin to tunnel drivers. The hard_header_len vs needed_headroom
> discussion also came up there recently [1]. That discussion points to
> commit c95b819ad75b ("gre: Use needed_headroom"). So the general
> approach in this patch is fine. Do note the point about mtu
> calculations -- but this device just hardcodes a 1000 byte dev->mtu
> irrespective of underlying ethernet device mtu, so I guess it has
> bigger issues on that point.

Yes, I didn't consider the issue of mtu calculation. Maybe we need to calculate the mtu of this device based on the underlying Ethernet device, too. We may also need to handle the situation where the mtu of the underlying Ethernet device changes. I'm not sure if the mtu of the device can be changed by the user without explicit support from the driver. If it can, we may also need to set max_mtu and min_mtu properly to prevent the user from setting it to invalid values.

> But, packet sockets with SOCK_RAW have to pass a fully formed packet
> with all the headers the ndo_start_xmit expects, i.e., it should be
> safe for the device to just pull that many bytes. X25 requires the
> peculiar one byte pseudo header you mention: lapbeth_xmit
> unconditionally reads skb->data[0] and then calls skb_pull(skb, 1).
> This could be considered the device hard header len.

Yes, I agree that we can use hard_header_len (and min_header_len) to prevent packets shorter than 1 byte from passing.

But because af_packet.c reserves a header space of needed_headroom for RAW sockets, but hard_header_len + needed_headroom for DGRAM sockets, it appears to me that af_packet.c expects hard_header_len to be the header length created by dev_hard_header. We can, however, set hard_header_len to 1 and let dev_hard_header generate a 0-sized header, but this makes af_packet.c reserve an extra unused 1-byte header space for DGRAM sockets, and DGRAM sockets will not be protected by the 1-byte minimum length check like RAW sockets.

The best solution might be to implement header_ops for X.25 drivers and let dev_hard_header create this 1-byte header, so that hard_header_len can be equal to the header length created by dev_hard_header. This might be the best way to fit the logic of af_packet.c. But this requires changing the interface of X.25 drivers, so it might be a big change.
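
A user-space C model of the header-space accounting described in the message above, added here as an illustration and not taken from the patch or from af_packet.c: it compares the three options for a zero-length send on RAW and DGRAM sockets. The struct fields, option names and the headroom value 16 are assumptions made for the example.

```c
#include <stdbool.h>
#include <stdio.h>

/* Simplified model of the accounting described in the message; not kernel code. */
enum sock_kind { KIND_RAW, KIND_DGRAM };

struct dev_model {
    unsigned hard_header_len; /* header length the device advertises */
    unsigned needed_headroom; /* room for headers the driver adds in xmit */
    unsigned built_hdr_len;   /* bytes dev_hard_header() creates; 0 without header_ops */
};

struct send_result {
    bool accepted;       /* passed the socket-layer minimum-length check */
    unsigned reserved;   /* header space reserved ahead of the user data */
    unsigned wasted;     /* reserved header bytes that no header fills */
    unsigned xmit_len;   /* bytes at skb->data when the driver's xmit runs */
    bool empty_at_xmit;  /* driver would read skb->data[0] from an empty packet */
};

/* Constructed configurations for the three options weighed above (16 is arbitrary). */
const struct dev_model OPT_HEADROOM_ONLY = { 0, 16, 0 };
const struct dev_model OPT_LEN1_NO_OPS   = { 1, 16, 0 };
const struct dev_model OPT_HEADER_OPS    = { 1, 16, 1 };

struct send_result model_send(struct dev_model d, enum sock_kind k, unsigned user_len)
{
    struct send_result r = {0};
    if (k == KIND_RAW) {
        /* RAW: caller supplies every header; length is checked against hard_header_len. */
        r.reserved = d.needed_headroom;
        r.accepted = user_len >= d.hard_header_len;
        r.xmit_len = user_len;
    } else {
        /* DGRAM: dev_hard_header() builds the header; no minimum-length check. */
        r.reserved = d.hard_header_len + d.needed_headroom;
        r.wasted = d.hard_header_len - d.built_hdr_len;
        r.accepted = true;
        r.xmit_len = user_len + d.built_hdr_len;
    }
    r.empty_at_xmit = r.accepted && r.xmit_len == 0;
    return r;
}

int main(void)
{
    struct send_result r = model_send(OPT_LEN1_NO_OPS, KIND_DGRAM, 0);
    printf("hard_header_len=1, no header_ops, empty DGRAM send: empty_at_xmit=%d wasted=%u\n", r.empty_at_xmit, r.wasted);
    return 0;
}
```

In this model only the header_ops option both rejects an empty RAW packet and hands the driver a non-empty DGRAM packet with no unused header byte.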