Re: [PATCH net-next] bpf, events: fix offset in skb copy handler

From: David Miller
Date: Mon Jul 25 2016 - 13:35:24 EST

From: Daniel Borkmann <daniel@xxxxxxxxxxxxx>
Date: Fri, 22 Jul 2016 01:19:42 +0200

> This patch fixes the __output_custom() routine we currently use with
> bpf_skb_copy(). I missed that when len is larger than the size of the
> current handle, we can issue multiple invocations of copy_func, and
> __output_custom() advances destination but also source buffer by the
> written amount of bytes. When we have __output_custom(), this is actually
> wrong since in that case the source buffer points to a non-linear object,
> in our case an skb, which the copy_func helper is supposed to walk.
> Therefore, since this is non-linear we thus need to pass the offset into
> the helper, so that copy_func can use it for extracting the data from
> the source object.
> Therefore, adjust the callback signatures properly and pass offset
> into the skb_header_pointer() invoked from bpf_skb_copy() callback. The
> __DEFINE_OUTPUT_COPY_BODY() is adjusted to accommodate for two things:
> i) to pass in whether we should advance source buffer or not; this is
> a compile-time constant condition, ii) to pass in the offset for
> __output_custom(), which we do with help of __VA_ARGS__, so everything
> can stay inlined as is currently. Both changes allow for adapting the
> __output_* fast-path helpers w/o extra overhead.
> Fixes: 555c8a8623a3 ("bpf: avoid stack copy and use skb ctx for event output")
> Fixes: 7e3f977edd0b ("perf, events: add non-linear data support for raw records")
> Signed-off-by: Daniel Borkmann <daniel@xxxxxxxxxxxxx>
> Acked-by: Alexei Starovoitov <ast@xxxxxxxxxx>