lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Thu, 29 May 2014 17:13:26 -0700
From:	Tom Herbert <therbert@...gle.com>
To:	Christopher White <chris@...icalelegance.com>
Cc:	Linux Netdev List <netdev@...r.kernel.org>
Subject: Re: [PATCH net-next] LISP: Locator/Identifier Separation Protocol

On Thu, May 29, 2014 at 2:05 PM, Christopher White
<chris@...icalelegance.com> wrote:
> This is a static tunnel implementation of LISP as described in RFC 6830:
>   http://tools.ietf.org/html/rfc6830
>
> This driver provides point-to-point LISP dataplane
> encapsulation/decapsulation for statically configured endpoints. It provides
> support for IPv4 in IPv4 and IPv6 in IPv4. IPv6 outer headers are not
> supported yet. Instance ID is supported on a per device basis.
>

Hi Chris,

Please look at my recent patches to standardize checksum handling for
UDP tunnel implementations. This should also include configuration to
enable UDP4 csums, as well as enabling zero csums in TX or RX for UDP6
when you implement v6 support. Some more specific comments are inline.

Thanks,
Tom

> +static int handle_offloads(struct sk_buff *skb)
> +{
> +       if (skb_is_gso(skb)) {
> +               int err = skb_unclone(skb, GFP_ATOMIC);
> +               if (unlikely(err))
> +                       return err;
> +
> +               skb_shinfo(skb)->gso_type |= SKB_GSO_UDP_TUNNEL;
> +       } else if (skb->ip_summed != CHECKSUM_PARTIAL) {
> +               skb->ip_summed = CHECKSUM_NONE;
> +       }
> +
> +       return 0;
> +}
> +
This should now just call iptunnel_handle_offloads with maybe setting
type to be SKB_GSO_UDP_TUNNEL_CSUM. See vxlan.c and my patches to
support UDP tunnels with csums.

> +       /* If the NIC driver gave us an encapsulated packet
> +        * with the encapsulation mark, the device checksummed it
> +        * for us. Otherwise force the upper layers to verify it.
> +        */
> +       if ((skb->ip_summed != CHECKSUM_UNNECESSARY && skb->ip_summed != CHECKSUM_PARTIAL) ||
> +           !skb->encapsulation)
> +               skb->ip_summed = CHECKSUM_NONE;
> +
Checksum validation for UDP tunnels is now done in UDP so this should
be unnecessary.
--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ