In the current version of tcp_sendmsg it is never possible to exploit
TSO because in function select_size (net/ipv4/tcp.c) always the
mss_cache_std value is selected.
The comments in include/linux/tcp.h tell me that this is not
appropriate for TSO:
__u32 mss_cache; /* Cached effective mss, not including SACKS */
__u16 mss_cache_std; /* Like mss_cache, but without TSO */
--> TSO will not be exploited when selecting mss_cache_std in function
select size.
The below patch fixes this problem by selecting mss_cache in case of the
TSO flag being present. mss_cache has been calculated appropriately
in function tcp_current_mss.
Please comment.
Regards,
Thomas
diff -urN linux-2.6/net/ipv4/tcp.c linux-2.6-tso/net/ipv4/tcp.c
--- linux-2.6/net/ipv4/tcp.c 2004-10-19 11:32:00.000000000 +0200
+++ linux-2.6-tso/net/ipv4/tcp.c 2004-10-20 10:09:01.172719928 +0200
@@ -762,7 +762,8 @@
static inline int select_size(struct sock *sk, struct tcp_opt *tp)
{
- int tmp = tp->mss_cache_std;
+ int tmp = (sk->sk_route_caps & NETIF_F_TSO)?
+ tp->mss_cache : tp->mss_cache_std;
if (sk->sk_route_caps & NETIF_F_SG) {
int pgbreak = SKB_MAX_HEAD(MAX_TCP_HEADER);
-
: send the line "unsubscribe linux-net" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
