anonfunc/xtables-addons
1
0
Fork 0
mirror of git://git.code.sf.net/p/xtables-addons/xtables-addons synced 2025-09-06 20:55:13 +02:00
Code Issues Releases Wiki Activity

TEE: make skb writable before attempting checksum update

Browse Source 
This also adds the compat function xtnu_skb_make_writable().
This commit is contained in:
Jan Engelhardt
2008-04-09 20:06:17 +02:00
parent 37e51dc44d
commit f34be8445f
4 changed files with 17 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
extensions/compat_xtables.c
View File

@@ -309,6 +309,18 @@ int xtnu_ip_route_me_harder(struct sk_buff *skb, unsigned int addr_type)
return ret;
}
EXPORT_SYMBOL_GPL(xtnu_ip_route_me_harder);
int xtnu_skb_make_writable(struct sk_buff *skb, unsigned int len)
{
struct sk_buff *nskb = skb;
int ret;
ret = skb_make_writable(&skb, len);
if (nskb != skb)
return unable(__func__);
return ret;
}
EXPORT_SYMBOL_GPL(xtnu_skb_make_writable);
#endif
#if LINUX_VERSION_CODE == KERNEL_VERSION(2, 6, 24)

1
extensions/compat_xtables.h
View File

@@ -59,6 +59,7 @@
#if LINUX_VERSION_CODE <= KERNEL_VERSION(2, 6, 23)
# define xt_target xtnu_target
# define ip_route_me_harder xtnu_ip_route_me_harder
# define skb_make_writable xtnu_skb_make_writable
# define xt_register_target xtnu_register_target
# define xt_unregister_target xtnu_unregister_target
# define xt_register_targets xtnu_register_targets

1
extensions/compat_xtnu.h
View File

@@ -69,6 +69,7 @@ static inline struct xtnu_target *xtcompat_nutarget(const struct xt_target *t)
extern int xtnu_ip_local_out(struct sk_buff *);
extern int xtnu_ip_route_me_harder(struct sk_buff *, unsigned int);
extern int xtnu_skb_make_writable(struct sk_buff *, unsigned int);
extern int xtnu_register_match(struct xtnu_match *);
extern int xtnu_ip_route_output_key(void *, struct rtable **, struct flowi *);
extern void xtnu_unregister_match(struct xtnu_match *);

3
extensions/xt_TEE.c
View File

@@ -158,6 +158,9 @@ tee_tg(struct sk_buff *skb, const struct net_device *in,
}
#endif
if (!skb_make_writable(skb, sizeof(struct iphdr)))
return NF_DROP;
/*
* If we are in INPUT, the checksum must be recalculated since
* the length could have changed as a result of defragmentation.