linux/net/core
Herbert Xu 576a30eb64 [NET]: Added GSO header verification
When GSO packets come from an untrusted source (e.g., a Xen guest domain),
we need to verify the header integrity before passing it to the hardware.

Since the first step in GSO is to verify the header, we can reuse that
code by adding a new bit to gso_type: SKB_GSO_DODGY.  Packets with this
bit set can only be fed directly to devices with the corresponding bit
NETIF_F_GSO_ROBUST.  If the device doesn't have that bit, then the skb
is fed to the GSO engine which will allow the packet to be sent to the
hardware if it passes the header check.

This patch changes the sg flag to a full features flag.  The same method
can be used to implement TSO ECN support.  We simply have to mark packets
with CWR set with SKB_GSO_ECN so that only hardware with a corresponding
NETIF_F_TSO_ECN can accept them.  The GSO engine can either fully segment
the packet, or segment the first MTU and pass the rest to the hardware for
further segmentation.

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Signed-off-by: David S. Miller <davem@davemloft.net>
2006-06-29 16:57:53 -07:00
..
datagram.c [PATCH] POLLRDHUP/EPOLLRDHUP handling for half-closed devices notifications 2006-03-25 08:22:56 -08:00
dev_mcast.c [NET]: Add netif_tx_lock 2006-06-17 21:30:14 -07:00
dev.c [NET]: Added GSO header verification 2006-06-29 16:57:53 -07:00
dst.c [PATCH] timer initialization cleanup: DEFINE_TIMER 2005-09-09 14:03:48 -07:00
dv.c [NET]: More kzalloc conversions. 2006-04-09 22:25:48 -07:00
ethtool.c [NET]: Added GSO toggle 2006-06-23 02:07:36 -07:00
filter.c unaligned access in sk_run_filter() 2006-04-18 15:57:54 -07:00
flow.c [PATCH] for_each_possible_cpu: network codes 2006-04-11 06:18:31 -07:00
gen_estimator.c [NET]: More kzalloc conversions. 2006-04-09 22:25:48 -07:00
gen_stats.c Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
iovec.c [PATCH] misc verify_area cleanups 2005-05-01 08:59:08 -07:00
link_watch.c [PATCH] list: use list_replace_init() instead of list_splice_init() 2006-06-23 07:43:07 -07:00
Makefile [I/OAT]: Utility functions for offloading sk_buff to iovec copies 2006-06-17 21:25:46 -07:00
neighbour.c [NEIGH]: Fix IP-over-ATM and ARP interaction. 2006-05-12 14:56:08 -07:00
net-sysfs.c [NET]: Create netdev attribute_groups with class_device_add 2006-05-06 17:56:03 -07:00
netpoll.c [NET] netpoll: break recursive loop in netpoll rx path 2006-06-26 00:04:27 -07:00
pktgen.c [NET]: Add netif_tx_lock 2006-06-17 21:30:14 -07:00
request_sock.c [NET]: More kzalloc conversions. 2006-04-09 22:25:48 -07:00
rtnetlink.c [PATCH] WE-20 for kernel 2.6.16 2006-03-23 07:12:57 -05:00
scm.c [PATCH] capable/capability.h (net/) 2006-01-11 18:42:14 -08:00
skbuff.c [NET]: Added GSO header verification 2006-06-29 16:57:53 -07:00
sock.c [I/OAT]: Structure changes for TCP recv offload to I/OAT 2006-06-17 21:25:48 -07:00
stream.c [NET]: Add skb->truesize assertion checking. 2006-04-20 00:10:50 -07:00
sysctl_net_core.c [IPSEC]: Sync series - core changes 2006-03-20 19:15:11 -08:00
user_dma.c [I/OAT]: Add a sysctl for tuning the I/OAT offloaded I/O threshold 2006-06-17 21:25:54 -07:00
utils.c [PATCH] for_each_possible_cpu: network codes 2006-04-11 06:18:31 -07:00
wireless.c [PATCH] wext: Fix RtNetlink ENCODE security permissions 2006-04-19 17:25:41 -04:00