On Sat, Apr 16, 2022 at 02:24:34PM +0200, Sven Eckelmann wrote:
The receiving interface might have used GRO to receive more fragments than MAX_SKB_FRAGS fragments. In this case, these will not be stored in skb_shinfo(skb)->frags but merged into the frag list.
batman-adv relies on the function skb_split to split packets up into multiple smaller packets which are not larger than the MTU on the outgoing interface. But this function cannot handle frag_list entries and is only operating on skb_shinfo(skb)->frags. If it is then still trying to split such an skb and xmit'ing it on an interface without support for NETIF_F_FRAGLIST then validate_xmit_skb() will try to linearize it. But this fails due to inconsistent information and __pskb_pull_tail will trigger a BUG_ON after skb_copy_bits() returns an error.
In case of entries in frag_list, just linearize the skb before operating on it with skb_split().
Hi Sven
This is not an area of the kernel i'm very familiar with. But i'm wondering, is this a BATMAN specific problem, or a generic problem? Should the fix be in BATMAN, or the core?
Andrew