virtio-net: don't do header check for dodgy gso packets

There's no need to do header check for virtio-net since: - Host sets dodgy for all gso packets from guest and check the header. - Host should be prepared for all kinds of evil packets from guest, since malicious guest can send any kinds of packet. So this patch sets NETIF_F_GSO_ROBUST for virtio-net to skip the check. Cc: Rusty Russell <rusty@rustcorp.com.au> Cc: Michael S. Tsirkin <mst@redhat.com> Acked-by: N Michael S. Tsirkin <mst@redhat.com> Signed-off-by: N Jason Wang <jasowang@redhat.com> Signed-off-by: N David S. Miller <davem@davemloft.net>

virtio-net: don't do header check for dodgy gso packets
There's no need to do header check for virtio-net since: - Host sets dodgy for all gso packets from guest and check the header. - Host should be prepared for all kinds of evil packets from guest, since malicious guest can send any kinds of packet. So this patch sets NETIF_F_GSO_ROBUST for virtio-net to skip the check. Cc: Rusty Russell <rusty@rustcorp.com.au> Cc: Michael S. Tsirkin <mst@redhat.com> Acked-by: N Michael S. Tsirkin <mst@redhat.com> Signed-off-by: N Jason Wang <jasowang@redhat.com> Signed-off-by: N David S. Miller <davem@davemloft.net>
41f2f127 · Jason Wang · David S. Miller · dd450777 · 41f2f127
隐藏空白更改
内联并排

Showing with 2 addition and 0 deletion

drivers/net/virtio_net.c drivers/net/virtio_net.c +2 -0

未找到文件。
--- a/drivers/net/virtio_net.c
+++ b/drivers/net/virtio_net.c
@@ -1759,6 +1759,8 @@ static int virtnet_probe(struct virtio_device *vdev)
 		if (virtio_has_feature(vdev, VIRTIO_NET_F_HOST_ECN))
 			dev->hw_features |= NETIF_F_TSO_ECN;

+		dev->features |= NETIF_F_GSO_ROBUST;
+
 		if (gso)
 			dev->features |= dev->hw_features & NETIF_F_ALL_TSO;
 		/* (!csum && gso) case will be fixed by register_netdev() */