On 29.10.2024 12:47, Antonio Quartulli wrote:
+static void ovpn_netdev_write(struct ovpn_peer *peer, struct sk_buff *skb) +{
- unsigned int pkt_len;
- /* we can't guarantee the packet wasn't corrupted before entering the
* VPN, therefore we give other layers a chance to check that
*/
- skb->ip_summed = CHECKSUM_NONE;
- /* skb hash for transport packet no longer valid after decapsulation */
- skb_clear_hash(skb);
- /* post-decrypt scrub -- prepare to inject encapsulated packet onto the
* interface, based on __skb_tunnel_rx() in dst.h
*/
- skb->dev = peer->ovpn->dev;
- skb_set_queue_mapping(skb, 0);
- skb_scrub_packet(skb, true);
- skb_reset_network_header(skb);
- skb_reset_transport_header(skb);
- skb_probe_transport_header(skb);
- skb_reset_inner_headers(skb);
- memset(skb->cb, 0, sizeof(skb->cb));
- /* cause packet to be "received" by the interface */
- pkt_len = skb->len;
- if (likely(gro_cells_receive(&peer->ovpn->gro_cells,
skb) == NET_RX_SUCCESS))
nit: to improve readability, the packet delivery call can be composed like this:
pkt_len = skb->len; res = gro_cells_receive(&peer->ovpn->gro_cells, skb); if (likely(res == NET_RX_SUCCESS))
/* update RX stats with the size of decrypted packet */
dev_sw_netstats_rx_add(peer->ovpn->dev, pkt_len);
+}