On 11/17/06, Herbert Xu <[EMAIL PROTECTED]> wrote:
On Wed, Nov 15, 2006 at 03:38:27PM +1100, herbert wrote: > > CP_TX_BUFFER_SIZE is already 64K. So it seems to me that we don't need > the while loop to extend the buffer at all since no transmitted packet > should be anywhere near this size. > > Are there any objections to getting rid of the following while loop > altogether and replacing it with a straight failure? Since I haven't heard any objections, here is a patch to do just that. [QEMU] rtl8139: Disallow chaining above 64K As it stands the 8139C+ TX chaining is only bounded by realloc failure. This is contrary to how the real hardware operates. It also has DoS potential when ioemu runs in dom0. This patch makes any attempt to chain a frame beyond 64K fail immediately.
True, a limit would be useful. It may be possible to start a chain at first TX descriptor and keep feeding the card with new buffers while hardware is sending older ones, without underrun, if checksum offloading is disabled. Emulation is assembling a complete packet to feed slirp routine - so there is another limit on packet size, the one slirp is able to handle. It would be nice to know what is the actual hardware limit for chaining. Only reference to 64K I found in docs is referring to receive ring buffer size in "C" mode. -- Kind Regards, Igor V. Kovalenko
_______________________________________________ Qemu-devel mailing list Qemu-devel@nongnu.org http://lists.nongnu.org/mailman/listinfo/qemu-devel
