Jason Wang
2014-Dec-03 06:40 UTC
[PATCH net-next] virtio-net: don't do header check for dodgy gso packets
There's no need to do header check for virito-net since: - Host set dodgy for all gso packets from guest and check the header. - Host should prepare for all kinds of evil packets from guest, since malicious guest can send any kinds of packet. So this patch sets NETIF_F_GSO_ROBUST for virtio-net to skip the check. Cc: Rusty Russell <rusty at rustcorp.com.au> Cc: Michael S. Tsirkin <mst at redhat.com> Signed-off-by: Jason Wang <jasowang at redhat.com> --- drivers/net/virtio_net.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/drivers/net/virtio_net.c b/drivers/net/virtio_net.c index b0bc8ea..4cd242b 100644 --- a/drivers/net/virtio_net.c +++ b/drivers/net/virtio_net.c @@ -1760,6 +1760,8 @@ static int virtnet_probe(struct virtio_device *vdev) if (virtio_has_feature(vdev, VIRTIO_NET_F_HOST_ECN)) dev->hw_features |= NETIF_F_TSO_ECN; + dev->features |= NETIF_F_GSO_ROBUST; + if (gso) dev->features |= dev->hw_features & NETIF_F_ALL_TSO; /* (!csum && gso) case will be fixed by register_netdev() */ -- 1.9.1
Michael S. Tsirkin
2014-Dec-03 09:31 UTC
[PATCH net-next] virtio-net: don't do header check for dodgy gso packets
On Wed, Dec 03, 2014 at 02:40:44PM +0800, Jason Wang wrote:> There's no need to do header check for virito-net since:s/virito/virtio/> > - Host set dodgy for all gso packets from guest and check the header.s/set/sets/> - Host should prepare for all kinds of evil packets from guest, sinces/prepare/be prepared/> malicious guest can send any kinds of packet. > > So this patch sets NETIF_F_GSO_ROBUST for virtio-net to skip the check. > > Cc: Rusty Russell <rusty at rustcorp.com.au> > Cc: Michael S. Tsirkin <mst at redhat.com> > Signed-off-by: Jason Wang <jasowang at redhat.com>with the comment fixes: Acked-by: Michael S. Tsirkin <mst at redhat.com>> --- > drivers/net/virtio_net.c | 2 ++ > 1 file changed, 2 insertions(+) > > diff --git a/drivers/net/virtio_net.c b/drivers/net/virtio_net.c > index b0bc8ea..4cd242b 100644 > --- a/drivers/net/virtio_net.c > +++ b/drivers/net/virtio_net.c > @@ -1760,6 +1760,8 @@ static int virtnet_probe(struct virtio_device *vdev) > if (virtio_has_feature(vdev, VIRTIO_NET_F_HOST_ECN)) > dev->hw_features |= NETIF_F_TSO_ECN; > > + dev->features |= NETIF_F_GSO_ROBUST; > + > if (gso) > dev->features |= dev->hw_features & NETIF_F_ALL_TSO; > /* (!csum && gso) case will be fixed by register_netdev() */ > -- > 1.9.1 > > _______________________________________________ > Virtualization mailing list > Virtualization at lists.linux-foundation.org > https://lists.linuxfoundation.org/mailman/listinfo/virtualization
Reasonably Related Threads
- [PATCH net-next] virtio-net: don't do header check for dodgy gso packets
- [PATCH net-next V2] virtio-net: don't do header check for dodgy gso packets
- [PATCH net-next V2] virtio-net: don't do header check for dodgy gso packets
- [PATCH 00/10] Split UFO into v4 and v6 versions.
- [PATCH 00/10] Split UFO into v4 and v6 versions.