lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <4de0c8e7-a9b6-7477-691a-a2ed0f317106@redhat.com>
Date:   Tue, 4 Jul 2017 20:20:00 +0800
From:   Jason Wang <jasowang@...hat.com>
To:     "Michael S. Tsirkin" <mst@...hat.com>
Cc:     virtualization@...ts.linux-foundation.org, netdev@...r.kernel.org,
        linux-kernel@...r.kernel.org
Subject: Re: [PATCH net] virtio-net: unbreak cusmed packet for small buffer
 XDP



On 2017年07月04日 01:03, Michael S. Tsirkin wrote:
> On Wed, Jun 28, 2017 at 08:05:06PM +0800, Jason Wang wrote:
>>
>> On 2017年06月28日 12:01, Michael S. Tsirkin wrote:
>>> On Wed, Jun 28, 2017 at 11:40:30AM +0800, Jason Wang wrote:
>>>> On 2017年06月28日 11:31, Michael S. Tsirkin wrote:
>>>>> On Wed, Jun 28, 2017 at 10:45:18AM +0800, Jason Wang wrote:
>>>>>> On 2017年06月28日 10:17, Michael S. Tsirkin wrote:
>>>>>>> On Wed, Jun 28, 2017 at 10:14:34AM +0800, Jason Wang wrote:
>>>>>>>> On 2017年06月28日 10:02, Michael S. Tsirkin wrote:
>>>>>>>>> On Wed, Jun 28, 2017 at 09:54:03AM +0800, Jason Wang wrote:
>>>>>>>>>> We should allow csumed packet for small buffer, otherwise XDP_PASS
>>>>>>>>>> won't work correctly.
>>>>>>>>>>
>>>>>>>>>> Fixes commit bb91accf2733 ("virtio-net: XDP support for small buffers")
>>>>>>>>>> Signed-off-by: Jason Wang<jasowang@...hat.com>
>>>>>>>>> The issue would be VIRTIO_NET_HDR_F_DATA_VALID might be set.
>>>>>>>>> What do you think?
>>>>>>>> I think it's safe. For XDP_PASS, it work like in the past.
>>>>>>> That's the part I don't get. With DATA_VALID csum in packet is wrong, XDP
>>>>>>> tools assume it's value.
>>>>>> DATA_VALID is CHECKSUM_UNCESSARY on the host, and according to the comment
>>>>>> in skbuff.h
>>>>>>
>>>>>>
>>>>>> "
>>>>>>     *   The hardware you're dealing with doesn't calculate the full checksum
>>>>>>     *   (as in CHECKSUM_COMPLETE), but it does parse headers and verify
>>>>>> checksums
>>>>>>     *   for specific protocols. For such packets it will set
>>>>>> CHECKSUM_UNNECESSARY
>>>>>>     *   if their checksums are okay. skb->csum is still undefined in this case
>>>>>>     *   though. A driver or device must never modify the checksum field in the
>>>>>>     *   packet even if checksum is verified.
>>>>>> "
>>>>>>
>>>>>> The csum is correct I believe?
>>>>>>
>>>>>> Thanks
>>>>> That's on input. But I think for tun it's output, where that is equivalent
>>>>> to CHECKSUM_NONE
>>>>>
>>>>>
>>>> Yes, but the comment said:
>>>>
>>>> "
>>>> CKSUM_NONE:
>>>>    *
>>>>    *   The skb was already checksummed by the protocol, or a checksum is not
>>>>    *   required.
>>>>    *
>>>>    * CHECKSUM_UNNECESSARY:
>>>>    *
>>>>    *   This has the same meaning on as CHECKSUM_NONE for checksum offload on
>>>>    *   output.
>>>>    *
>>>> "
>>>>
>>>> So still correct I think?
>>>>
>>>> Thanks
>>> Hmm maybe I mean NEEDS_CHECKSUM actually.
>>>
>>> I'll need to re-read the spec.
>>>
>> Not sure this is an issue. But if it is, we can probably checksum the packet
>> before passing it to XDP. But it would be a little slow.
>>
>> Thanks
>
>
> Right. I confused DATA_VALID with NEEDS_CHECKSUM.
>
> IIUC XDP generally refuses to attach if checksum offload
> is enabled.

Any reason to do this? (Looks like I don't see any code for this)

>
> Could you pls explain how to reproduce the issue you are seeing?
>

Using small buffer, all csumed packets will be dropped.

Thanks

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ