| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <CAM_iQpVoFrZ9gFNFUsqtt=12OS_Cs+vpokgNCB0eQiBf=hD4dA@mail.gmail.com>
Date: Tue, 17 Nov 2020 23:00:52 -0800
From: Cong Wang <xiyou.wangcong@...il.com>
To: wenxu <wenxu@...oud.cn>
Cc: Jakub Kicinski <kuba@...nel.org>,
Marcelo Ricardo Leitner <marcelo.leitner@...il.com>,
Vlad Buslov <vladbu@...dia.com>,
Jamal Hadi Salim <jhs@...atatu.com>,
Linux Kernel Network Developers <netdev@...r.kernel.org>
Subject: Re: [PATCH v2 net-next 3/3] net/sched: sch_frag: add generic packet
fragment support.
On Tue, Nov 17, 2020 at 5:37 PM <wenxu@...oud.cn> wrote:
>
> From: wenxu <wenxu@...oud.cn>
>
> Currently kernel tc subsystem can do conntrack in cat_ct. But when several
> fragment packets go through the act_ct, function tcf_ct_handle_fragments
> will defrag the packets to a big one. But the last action will redirect
> mirred to a device which maybe lead the reassembly big packet over the mtu
> of target device.
>
> This patch add support for a xmit hook to mirred, that gets executed before
> xmiting the packet. Then, when act_ct gets loaded, it configs that hook.
> The frag xmit hook maybe reused by other modules.
>
> Signed-off-by: wenxu <wenxu@...oud.cn>
> ---
> v2: make act_frag just buildin for tc core but not a module
> return an error code from tcf_fragment
> depends on INET for ip_do_fragment
Much better now.
> +#ifdef CONFIG_INET
> + ret = ip_do_fragment(net, skb->sk, skb, sch_frag_xmit);
> +#endif
Doesn't the whole sch_frag need to be put under CONFIG_INET?
I don't think fragmentation could work without CONFIG_INET.
Thanks.
Powered by blists - more mailing lists