xen/netback: Always pull through PKT_PROT_LEN bytes into the linear part of an skb

Previously PKT_PROT_LEN would only have an effect on the first
fragment.

Signed-off-by: Ian Campbell <ian.campbell@citrix.com>
xen/netback: try to pull a minimum of 72 bytes into the skb data area

... when receiving a packet into netback.  The previous number, 64,
tended to place a fragment boundary in the middle of the TCP header
options and led to unnecessary fragmentation in Windows <-> Windows
networking.

xen/netback: Re-define PKT_PROT_LEN to be bigger.

Re-define PKT_PROT_LEN to be big enough to handle maximal IPv4 and TCP
options and phrase the definition so that it's reasonably obvious
that's what it's for.

Signed-off-by: Paul Durrant <paul.durrant@citrix.com>
Signed-off-by: Jan Beulich <jbeulich@novell.com>

diff --git a/drivers/xen/netback/netback.c b/drivers/xen/netback/netback.c
index 154c7fbe153a68adbda0a61921cec20e323cfd8e..4b1061c93ab1db0f37e5fd6e538ce7b570dad442 100644 (file)
--- a/drivers/xen/netback/netback.c
+++ b/drivers/xen/netback/netback.c
@@ -35,6 +35,8 @@
  */
 
 #include "common.h"
+#include <linux/if_vlan.h>
+#include <linux/tcp.h>
 #include <xen/balloon.h>
 #include <xen/interface/memory.h>
 
@@ -105,7 +107,14 @@ static inline int netif_page_index(struct page *pg)
        return idx;
 }
 
-#define PKT_PROT_LEN 64
+/*
+ * This is the amount of packet we copy rather than map, so that the
+ * guest can't fiddle with the contents of the headers while we do
+ * packet processing on them (netfilter, routing, etc).
+ */
+#define PKT_PROT_LEN    (ETH_HLEN + VLAN_HLEN + \
+                        sizeof(struct iphdr) + MAX_IPOPTLEN + \
+                        sizeof(struct tcphdr) + 40 /* MAX_TCP_OPTION_SPACE */)
 
 static struct pending_tx_info {
        netif_tx_request_t req;
@@ -1457,6 +1466,16 @@ static void net_tx_action(unsigned long unused)
 
                netbk_fill_frags(skb);
 
+               /*
+                * If the initial fragment was < PKT_PROT_LEN then
+                * pull through some bytes from the other fragments to
+                * increase the linear region to PKT_PROT_LEN bytes.
+                */
+               if (skb_headlen(skb) < PKT_PROT_LEN && skb_is_nonlinear(skb)) {
+                       int target = min_t(int, skb->len, PKT_PROT_LEN);
+                       __pskb_pull_tail(skb, target - skb_headlen(skb));
+               }
+
                skb->dev      = netif->dev;
                skb->protocol = eth_type_trans(skb, skb->dev);