>>> On 05.07.13 at 16:53, Wei Liu <wei.liu2@xxxxxxxxxx> wrote:
> On Fri, Jul 05, 2013 at 10:32:41AM +0100, Jan Beulich wrote:
>> --- a/drivers/net/xen-netfront.c
>> +++ b/drivers/net/xen-netfront.c
>> @@ -831,6 +831,15 @@ static RING_IDX xennet_fill_frags(struct
>> RING_GET_RESPONSE(&np->rx, ++cons);
>> skb_frag_t *nfrag = &skb_shinfo(nskb)->frags[0];
>>
>> + if (nr_frags == MAX_SKB_FRAGS) {
>> + unsigned int pull_to = NETFRONT_SKB_CB(skb)->pull_to;
>> +
>> + BUG_ON(pull_to <= skb_headlen(skb));
>> + __pskb_pull_tail(skb, pull_to - skb_headlen(skb));
>
> skb_headlen is in fact "skb->len - skb->data_len". Looking at the
> caller code:
>
> while loop {
> skb_shinfo(skb)->frags[0].page_offset = rx->offset;
> skb_frag_size_set(&skb_shinfo(skb)->frags[0], rx->status);
> skb->data_len = rx->status;
>
> i = xennet_fill_frags(np, skb, &tmpq);
>
> /*
>
> * Truesize is the actual allocation size, even if the
>
> * allocation is only partially used.
>
> */
> skb->truesize += PAGE_SIZE * skb_shinfo(skb)->nr_frags;
> skb->len += skb->data_len;
> }
>
> handle_incoming_packet();
>
> You seem to be altering the behavior of the original code, because in
> your patch the skb->len is incremented before use, while in the original
> code (which calls skb_headlen in handle_incoming_packet) the skb->len is
> correctly set.
Right. So I basically need to keep skb->len up-to-date along with
->data_len. Just handed a patch to Dion with that done; I'll defer
sending a v2 for the upstream code until I know the change works
for our kernel.
Jan
--
To unsubscribe from this list: send the line "unsubscribe stable" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html