aboutsummaryrefslogtreecommitdiffstats
path: root/net/core/skbuff.c
diff options
context:
space:
mode:
authorHerbert Xu <herbert@gondor.apana.org.au>2006-06-27 16:22:38 -0400
committerDavid S. Miller <davem@sunset.davemloft.net>2006-06-29 19:57:53 -0400
commit576a30eb6453439b3c37ba24455ac7090c247b5a (patch)
treee0c427a61e3de5c93e797c09903d910f6f060e64 /net/core/skbuff.c
parent68c1692e3ea5d79f24cb5cc566c4a73939d13d25 (diff)
[NET]: Added GSO header verification
When GSO packets come from an untrusted source (e.g., a Xen guest domain), we need to verify the header integrity before passing it to the hardware. Since the first step in GSO is to verify the header, we can reuse that code by adding a new bit to gso_type: SKB_GSO_DODGY. Packets with this bit set can only be fed directly to devices with the corresponding bit NETIF_F_GSO_ROBUST. If the device doesn't have that bit, then the skb is fed to the GSO engine which will allow the packet to be sent to the hardware if it passes the header check. This patch changes the sg flag to a full features flag. The same method can be used to implement TSO ECN support. We simply have to mark packets with CWR set with SKB_GSO_ECN so that only hardware with a corresponding NETIF_F_TSO_ECN can accept them. The GSO engine can either fully segment the packet, or segment the first MTU and pass the rest to the hardware for further segmentation. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'net/core/skbuff.c')
-rw-r--r--net/core/skbuff.c5
1 files changed, 3 insertions, 2 deletions
diff --git a/net/core/skbuff.c b/net/core/skbuff.c
index 6edbb90cbcec..dfef9eece83e 100644
--- a/net/core/skbuff.c
+++ b/net/core/skbuff.c
@@ -1848,13 +1848,13 @@ EXPORT_SYMBOL_GPL(skb_pull_rcsum);
1848/** 1848/**
1849 * skb_segment - Perform protocol segmentation on skb. 1849 * skb_segment - Perform protocol segmentation on skb.
1850 * @skb: buffer to segment 1850 * @skb: buffer to segment
1851 * @sg: whether scatter-gather can be used for generated segments 1851 * @features: features for the output path (see dev->features)
1852 * 1852 *
1853 * This function performs segmentation on the given skb. It returns 1853 * This function performs segmentation on the given skb. It returns
1854 * the segment at the given position. It returns NULL if there are 1854 * the segment at the given position. It returns NULL if there are
1855 * no more segments to generate, or when an error is encountered. 1855 * no more segments to generate, or when an error is encountered.
1856 */ 1856 */
1857struct sk_buff *skb_segment(struct sk_buff *skb, int sg) 1857struct sk_buff *skb_segment(struct sk_buff *skb, int features)
1858{ 1858{
1859 struct sk_buff *segs = NULL; 1859 struct sk_buff *segs = NULL;
1860 struct sk_buff *tail = NULL; 1860 struct sk_buff *tail = NULL;
@@ -1863,6 +1863,7 @@ struct sk_buff *skb_segment(struct sk_buff *skb, int sg)
1863 unsigned int offset = doffset; 1863 unsigned int offset = doffset;
1864 unsigned int headroom; 1864 unsigned int headroom;
1865 unsigned int len; 1865 unsigned int len;
1866 int sg = features & NETIF_F_SG;
1866 int nfrags = skb_shinfo(skb)->nr_frags; 1867 int nfrags = skb_shinfo(skb)->nr_frags;
1867 int err = -ENOMEM; 1868 int err = -ENOMEM;
1868 int i = 0; 1869 int i = 0;