linux/net
Herbert Xu 576a30eb64 [NET]: Added GSO header verification
When GSO packets come from an untrusted source (e.g., a Xen guest domain),
we need to verify the header integrity before passing it to the hardware.

Since the first step in GSO is to verify the header, we can reuse that
code by adding a new bit to gso_type: SKB_GSO_DODGY.  Packets with this
bit set can only be fed directly to devices with the corresponding bit
NETIF_F_GSO_ROBUST.  If the device doesn't have that bit, then the skb
is fed to the GSO engine which will allow the packet to be sent to the
hardware if it passes the header check.

This patch changes the sg flag to a full features flag.  The same method
can be used to implement TSO ECN support.  We simply have to mark packets
with CWR set with SKB_GSO_ECN so that only hardware with a corresponding
NETIF_F_TSO_ECN can accept them.  The GSO engine can either fully segment
the packet, or segment the first MTU and pass the rest to the hardware for
further segmentation.

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Signed-off-by: David S. Miller <davem@davemloft.net>
2006-06-29 16:57:53 -07:00
..
802 [TR]: Remove an unused export. 2006-05-16 15:23:40 -07:00
8021q [NET]: Replace skb_pull/skb_postpull_rcsum with skb_pull_rcsum 2006-03-20 22:43:56 -08:00
appletalk [NET]: Fix ipx/econet/appletalk/irda ioctl crashes 2006-03-28 17:02:43 -08:00
atm [ATM]: atm/mpc.c warning fix 2006-06-26 00:01:58 -07:00
ax25 [AX.25]: Eleminate HZ from AX.25 kernel interfaces 2006-05-03 23:27:16 -07:00
bluetooth Merge git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/devfs-2.6 2006-06-29 14:19:21 -07:00
bridge [NET]: Added GSO header verification 2006-06-29 16:57:53 -07:00
core [NET]: Added GSO header verification 2006-06-29 16:57:53 -07:00
dccp [PATCH] clean up default value of IP_DCCP_ACKVEC 2006-06-23 07:43:04 -07:00
decnet [NET]: Clean up skb_linearize 2006-06-17 21:30:16 -07:00
econet [ECONET]: Convert away from SOCKOPS_WRAPPED 2006-03-28 17:02:43 -08:00
ethernet [NET]: Eliminate unused /proc/sys/net/ethernet 2006-06-05 15:34:11 -07:00
ieee80211 [PATCH] wireless: correct dump of WPA IE 2006-06-15 15:48:14 -04:00
ipv4 [NET]: Added GSO header verification 2006-06-29 16:57:53 -07:00
ipv6 [NETFILTER]: x_tables: fix xt_register_table error propagation 2006-06-29 16:57:40 -07:00
ipx [IPX]: Endian bug in ipxrtr_route_packet() 2006-06-17 21:30:24 -07:00
irda [PATCH] devfs: Remove the tty_driver devfs_name field as it's no longer needed 2006-06-26 12:25:09 -07:00
key [LSM-IPsec]: SELinux Authorize 2006-06-17 21:29:45 -07:00
lapb [NET]: Kill skb->list 2005-08-29 15:31:14 -07:00
llc [LLC]: Fix double receive of SKB. 2006-06-17 21:29:19 -07:00
netfilter [NETFILTER]: statistic match: add missing Kconfig help text 2006-06-29 16:57:50 -07:00
netlink Merge branch 'audit.b10' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/audit-current 2006-05-01 21:43:05 -07:00
netrom [NETROM]: Fix possible null pointer dereference. 2006-06-26 00:05:23 -07:00
packet [NET]: Fix some whitespace issues in af_packet.c 2006-01-23 16:28:02 -08:00
rose [NETROM/ROSE]: Kill module init version kernel log messages. 2006-05-05 17:19:26 -07:00
rxrpc [PATCH] net/rxrpc: use list_move() 2006-06-26 09:58:17 -07:00
sched [NET]: Add generic segmentation offload 2006-06-23 02:07:31 -07:00
sctp [SCTP]: sctp_unpack_cookie() fix 2006-06-20 03:26:14 -07:00
sunrpc [PATCH] spin/rwlock init cleanups 2006-06-27 17:32:39 -07:00
tipc [PATCH] spin/rwlock init cleanups 2006-06-27 17:32:39 -07:00
unix [PATCH] POLLRDHUP/EPOLLRDHUP handling for half-closed devices notifications 2006-03-25 08:22:56 -08:00
wanrouter [WAN]: Remove broken and unmaintained Sangoma drivers. 2006-04-11 17:28:33 -07:00
x25 [X25]: fix for spinlock recurse and spinlock lockup with timer handler 2006-04-29 18:33:11 -07:00
xfrm [NET]: Fix warnings after LSM-IPSEC changes. 2006-06-17 21:29:49 -07:00
compat.c [NETFILTER]: iptables 32bit compat layer 2006-04-01 02:25:19 -08:00
Kconfig [SECMARK]: Add secmark support to core networking. 2006-06-17 21:29:57 -07:00
Makefile [TIPC] Initial merge 2006-01-12 14:06:31 -08:00
nonet.c [PATCH] Make most file operations structs in fs/ const 2006-03-28 09:16:06 -08:00
socket.c [PATCH] VFS: Permit filesystem to override root dentry on mount 2006-06-23 07:42:45 -07:00
sysctl_net.c [NET]: Eliminate unused /proc/sys/net/ethernet 2006-06-05 15:34:11 -07:00
TUNABLE Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00