| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 7 Apr 2016 11:11:48 -0400 From: Vijay Pandurangan <vijayp@...ayp.ca> To: Ben Greear <greearb@...delatech.com> Cc: Cong Wang <xiyou.wangcong@...il.com>, netdev <netdev@...r.kernel.org>, Evan Jones <ej@...njones.ca>, Cong Wang <cwang@...pensource.com> Subject: Re: veth regression with "don’t modify ip_summed; doing so treats packets with bad checksums as good." On Fri, Mar 25, 2016 at 7:46 PM, Ben Greear <greearb@...delatech.com> wrote: > A real NIC can either do hardware checksums, or it cannot. If it > cannot, then the host must do it on the CPU for both transmit and > receive. > > Veth is not a real NIC, and it cannot do hardware checksum offloading. > > So, we either lie and pretend it does, or we eat massive amounts > of CPU usage to calculate and check checksums when sending across > a veth pair. > That's a good point. Does anyone know what the overhead actually is these days? >>> Any frame sent from a socket can be considered to be a local packet in my >>> opinion. >> >> >> I'm not sure that's totally right. Your bridge is adding a delay to >> your packets; it could just as easily be simulating corruption by >> corrupting 5% of packets going through it. If this change allows >> corrupt packets to be delivered to an application when they could not >> be delivered if the packets were routed via physical eths, I think >> that is a bug. > > > I actually do support corrupting the frame, but what I normally do is > corrupt the contents > of the packet, and then recalculate the IP checksum (and TCP if it applies) > and send it on its way. The receiving NIC and stack will pass the frame up > to > the application since the checksums match, and it would be up the > application > to deal with it. So, I can easily cause an application to receive corrupted > frames over physical eths. > > I can also corrupt without updating the checksums in case you want to > test another systems NIC and/or stack. > > But, if I am purposely corrupting a frame destined for veth, then the only > reason > I would want the stack to check the checksums is if I were testing my own > stack's checksum logic, and that seems to be a pretty limited use. In the common case you're 100% right. OTOH, there's something disconcerting about an abstraction layer lying and behaving unexpectedly. Most traffic that originates on a machine can have its checksums safely ignored. Whatever the reason is (maybe, as you say you're testing checksums – on the other hand maybe there's a bug in your code somewhere), I really feel like we should try to figure out a way to ensure that this optimization is at the very least opt-in… > > > Thanks, > Ben > > -- > Ben Greear <greearb@...delatech.com> > Candela Technologies Inc http://www.candelatech.com >
Powered by blists - more mailing lists