lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Tue, 21 Sep 2010 03:41:42 -0500
From:	Amit Salecha <amit.salecha@...gic.com>
To:	Eric Dumazet <eric.dumazet@...il.com>
CC:	David Miller <davem@...emloft.net>,
	"netdev@...r.kernel.org" <netdev@...r.kernel.org>,
	Ameen Rahman <ameen.rahman@...gic.com>,
	Anirban Chakraborty <anirban.chakraborty@...gic.com>
Subject: RE: [PATCH] qlcnic: dont assume NET_IP_ALIGN is 2



> -----Original Message-----
> From: netdev-owner@...r.kernel.org [mailto:netdev-
> owner@...r.kernel.org] On Behalf Of Eric Dumazet
> Sent: Tuesday, September 21, 2010 2:05 PM
> To: Amit Salecha
> Cc: David Miller; netdev@...r.kernel.org; Ameen Rahman; Anirban
> Chakraborty
> Subject: RE: [PATCH] qlcnic: dont assume NET_IP_ALIGN is 2
> 
> Le mardi 21 septembre 2010 à 03:19 -0500, Amit Salecha a écrit :
> >
> > > -----Original Message-----
> > > From: David Miller [mailto:davem@...emloft.net]
> > > Sent: Monday, September 20, 2010 9:29 PM
> > > To: Amit Salecha
> > > Cc: eric.dumazet@...il.com; netdev@...r.kernel.org; Ameen Rahman;
> > > Anirban Chakraborty
> > > Subject: Re: [PATCH] qlcnic: dont assume NET_IP_ALIGN is 2
> > >
> > > From: Amit Salecha <amit.salecha@...gic.com>
> > > Date: Mon, 20 Sep 2010 06:16:31 -0500
> > >
> > > > Though I have one doubt. We are allocating larger packets than
> the
> > > actual data used.
> > > > Doesn't it will break accounting ?
> > >
> > > No, it will "fix" accounting.
> > >
> > > You must charge to the SKB all of the non-shared memory that was
> > > allocated to the SKB.
> > >
> > > This means even if the packet only uses 128 bytes of the SKB
> > > data area, you must still account for the full blob of linear
> > > memory that was allocated for the SKB data area in skb->truesize.
> > >
> > > Otherwise remote attackers could consume enormous amounts of memory
> by
> > > tricking our socket accounting via carefully sized packets.
> >
> > Wont this affect throughput ?
> > As problem discuss in this thread http://www.mail-
> archive.com/netdev@...r.kernel.org/msg06848.html, it can affect tcp
> window scaling.
> >
> 
> Amit, if you believe this is a problem, you should address it for all
> NICS, not only qlcnic.
> 
> Qlcnic was lying to stack, because it consumed 2Kbytes blocs and
> pretended they were consuming skb->len bytes.
> (assuming MTU=1500, problem is worse if MTU is bigger)
> 
> So in order to improve "throughput", you were allowing for memory
> exhaust and freeze of the _machine_ ?
>
This won't lead to such problem. truesize is used for accounting only.
> 
> 
> --
> To unsubscribe from this list: send the line "unsubscribe netdev" in
> the body of a message to majordomo@...r.kernel.org
> More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ