[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-Id: <20070518.113507.41839122.taka@valinux.co.jp>
Date: Fri, 18 May 2007 11:35:07 +0900 (JST)
From: Hirokazu Takahashi <taka@...inux.co.jp>
To: herbert@...dor.apana.org.au
Cc: shemminger@...ux-foundation.org, netdev@...r.kernel.org,
kaber@...sh.net, davem@...emloft.net, linux-net@...r.kernel.org
Subject: Re: [PATCH 2/2] tbf scheduler: TSO support (update 2)
Hi,
> > @@ -924,7 +926,9 @@ cbq_dequeue_prio(struct Qdisc *sch, int
> > cl->xstats.borrows += skb->len;
> > #endif
> > }
> > - q->tx_len = skb->len;
> > + q->tx_segs = skb_shinfo(skb)->gso_segs ? :
> > + skb_shinfo(skb)->gso_size ? skb->len/skb_shinfo(skb)->gso_size + 1 : 1;
> > + q->tx_len = (skb->len - 1)/q->tx_segs + 1;
>
> This isn't safe for Xen (and potentially other virtualisation
> environments) since qdisc code runs before dev_hard_start_xmit
> which is where we verify the sanity of gso_segs. So you could
> be using some arbitrary value from an untrusted source.
>
> If you really want to use it, you should test for SKB_GSO_DODGY
> on the packet which will be set if gso_segs can't be trusted.
Yep, you have a point that some sanity check should be added.
I think a simple check would be enough not to crash CBQ
as the accurate checking will be done in dev_hard_start_xmit or
device drivers.
Thanks,
Hirokazu Takahashi.
-
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists