www.infradead.org Git - users/jedix/linux-maple.git/commit

author	Ben Hutchings <bhutchings@solarflare.com>
	Mon, 30 Jul 2012 15:57:00 +0000 (15:57 +0000)
committer	Guangyu Sun <guangyu.sun@oracle.com>
	Mon, 8 Oct 2012 16:59:12 +0000 (09:59 -0700)
commit	16d9aafb31562921d533795620153f5815f74d2f
tree	1d3801a690e09f38c92c36b996be288a52c28980	tree
parent	388b81c109a53ff310cca9020e3a90677b24ea47	commit \| diff

net: Allow driver to limit number of GSO segments per skb

[ Upstream commit 30b678d844af3305cda5953467005cebb5d7b687 ]

A peer (or local user) may cause TCP to use a nominal MSS of as little
as 88 (actual MSS of 76 with timestamps).  Given that we have a
sufficiently prodigious local sender and the peer ACKs quickly enough,
it is nevertheless possible to grow the window for such a connection
to the point that we will try to send just under 64K at once.  This
results in a single skb that expands to 861 segments.

In some drivers with TSO support, such an skb will require hundreds of
DMA descriptors; a substantial fraction of a TX ring or even more than
a full ring.  The TX queue selected for the skb may stall and trigger
the TX watchdog repeatedly (since the problem skb will be retried
after the TX reset).  This particularly affects sfc, for which the
issue is designated as CVE-2012-3412.

Therefore:
1. Add the field net_device::gso_max_segs holding the device-specific
   limit.
2. In netif_skb_features(), if the number of segments is too high then
   mask out GSO features to force fall back to software GSO.

Signed-off-by: Ben Hutchings <bhutchings@solarflare.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Signed-off-by: Guangyu Sun <guangyu.sun@oracle.com>

include/linux/netdevice.h		diff \| blob \| history
net/core/dev.c		diff \| blob \| history