Re: [PATCH net-next] macvlan: delay the header check for dodgy packets into lower device

[Jason Wang]

On 11/27/2014 04:37 AM, David Miller wrote:
> From: Jason Wang <jasowang@xxxxxxxxxx>
> Date: Wed, 26 Nov 2014 17:21:14 +0800
>
> > We do header check twice for a dodgy packet. One is done before
> > macvlan_start_xmit(), another is done before lower device's
> > ndo_start_xmit(). The first one seems redundant so this patch tries to
> > delay header check until a packet reaches its lower device (or macvtap)
> > through always enabling NETIF_F_GSO_ROBUST for macvlan device.
> >
> > Cc: Patrick McHardy <kaber@xxxxxxxxx>
> > Signed-off-by: Jason Wang <jasowang@xxxxxxxxxx>
>
> Hmmm, it's the idea that if we have a dodgy packet, we want to
> notice that as early as possible in the packet processing path?

Not late even with this patch. The check will be done immediately after 
macvlan passing a packet to lower device which should be sufficient.

For good packets, this patch saves one time of header checking. For bad 
packets, this patch just lets the dropping happens during the validation 
before ndo_start_xmit() of lower device.
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/