Hello, We are seeing a problem with AF_PACKET when used along with the veth interfaces. SCP complains that message authentication code is incorrect.
I was browsing the code and I see that veth_xmit calls ____dev_forward_skb which does a skb_scrub_packet, which in turn calls the skb destructor function. In the case of packets coming from the AF_PACKET socket, the destructor function seems to set all the mmap-ed pages to be available for user space to copy any new packet it wants. Isn't this a problem? skb_orphan_frags, called by ____dev_forward_skb, seems to do the right thing, but it probably does not get called for packets from AF_PACKET socket, since the skb is not a zero copy skb (SKBTX_DEV_ZEROCOPY is not set). Did I miss something basic here? (Please cc me, since I am not part of this list) Thanks, Anand
