lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-Id: <20200528.144319.2125126279324542556.davem@davemloft.net>
Date:   Thu, 28 May 2020 14:43:19 -0700 (PDT)
From:   David Miller <davem@...emloft.net>
To:     doshir@...are.com
Cc:     kuba@...nel.org, netdev@...r.kernel.org, Pv-drivers@...are.com,
        linux-kernel@...r.kernel.org
Subject: Re: [PATCH v2 net-next 3/4] vmxnet3: add geneve and vxlan tunnel
 offload support

From: Ronak Doshi <doshir@...are.com>
Date: Thu, 28 May 2020 21:18:34 +0000

> 
> On 5/28/20, 12:35 PM, "Jakub Kicinski" <kuba@...nel.org> wrote:
>>    On Thu, 28 May 2020 11:36:14 -0700 Ronak Doshi wrote:
>>    > @@ -1168,13 +1220,21 @@ vmxnet3_rx_csum(struct vmxnet3_adapter *adapter,
>>    >  		    (le32_to_cpu(gdesc->dword[3]) &
>>    >  		     VMXNET3_RCD_CSUM_OK) == VMXNET3_RCD_CSUM_OK) {
>>    >  			skb->ip_summed = CHECKSUM_UNNECESSARY;
>>    > -			BUG_ON(!(gdesc->rcd.tcp || gdesc->rcd.udp));
>>    > -			BUG_ON(gdesc->rcd.frg);
>>    > +			BUG_ON(!(gdesc->rcd.tcp || gdesc->rcd.udp) &&
>>    > +			       !(le32_to_cpu(gdesc->dword[0]) &
>>    > +				 (1UL << VMXNET3_RCD_HDR_INNER_SHIFT)));
>>    > +			BUG_ON(gdesc->rcd.frg &&
>>    > +			       !(le32_to_cpu(gdesc->dword[0]) &
>>    > +				 (1UL << VMXNET3_RCD_HDR_INNER_SHIFT)));
>>    
>>    Seems fairly extreme to trigger BUG_ONs if rx descriptor doesn't
>>    contain valid checksum offload flags :S WARN_ON_ONCE() and ignore 
>>    checsum or drop packet would be more than sufficient.
>     
> Hello Jakub,
> 
> Good point. However, I did not want to change the behavior in this patch,
> so kept it as is. If required, this can be done in future separate patch.

It's really awful to kill so much of the system because of a flipped bit
in a descriptor.

Please fix this as well as address Michal's feedback.

Thanks.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ