Re: [PATCH] lro: IP fragment checking

From: Andrew Gallatin
Date: Tue Dec 02 2008 - 09:43:22 EST

Ben Hutchings wrote:
On Mon, 2008-12-01 at 19:02 -0500, Andrew Gallatin wrote:
Ben Hutchings wrote:
On Mon, 2008-12-01 at 16:53 -0500, Andrew Gallatin wrote:
David Miller wrote:
From: Andrew Gallatin <gallatin@xxxxxxxx>
Date: Mon, 01 Dec 2008 12:50:15 -0500

As to whether or not to do it in the drivers/hardware or in the
LRO code, I favor doing it in the LRO code just so that it is not
missed in some driver.
Then there is no point in the hardware doing the check, if
we're going to check it anyways.

That's part of my point about why this check doesn't belong
What hardware does an explicit check for fragmentation?
Any that implements TCP/UDP checksumming properly.
How many do?

Good question. ;-)

In most cases, aren't we just relying on the hardware checksum
to be wrong on fragmented packets? That works 99.999% of the time,
but the TCP checksum is pretty weak, and it is possible to
have a fragmented packet where the first fragment has the same
checksum as the entire packet.

If your hardware/firmware wrongly claims to be able to verify the
TCP/UDP checksum for an IP fragment, it seems to me you should deal with
that in your driver or fix the firmware.
We do partial checksums.

So you should check for IP fragmentation in your get_frag_header() along
with all the other checks you've got to do.

Indeed, and that is the patch I intend to submit if the fragment
check in inet_lro is rejected. I still think the check belongs
in the inet lro code though, and I'm worried it is being rejected
for the wrong reasons..

To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at
Please read the FAQ at