On 06/30, Jakub Sitnicki wrote: > With the extension of bpf_dynptr_from_skb(BPF_DYNPTR_F_SKB_METADATA), all > BPF programs authorized to call this kfunc now have access to the skb > metadata area. > > These programs can read up to skb_shinfo(skb)->meta_len bytes located just > before skb_mac_header(skb), regardless of what data is currently there. > > However, as the network stack processes the skb, headers may be added or > removed. Hence, we cannot assume that skb_mac_header() always marks the end > of the metadata area. > > To avoid potential pitfalls, reset the skb metadata length to zero before > passing the skb to the protocol layers. This is a temporary measure until > we can make metadata persist through protocol processing. > > Signed-off-by: Jakub Sitnicki <jakub@xxxxxxxxxxxxxx> > --- > net/core/dev.c | 1 + > 1 file changed, 1 insertion(+) > > diff --git a/net/core/dev.c b/net/core/dev.c > index be97c440ecd5..4a2389997535 100644 > --- a/net/core/dev.c > +++ b/net/core/dev.c > @@ -5839,6 +5839,7 @@ static int __netif_receive_skb_core(struct sk_buff **pskb, bool pfmemalloc, > } > #endif > skb_reset_redirect(skb); > + skb_metadata_clear(skb); And the assumption that it's not gonna break the existing cases is because there is currently no way to read that metadata out afterwards?
