lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:   Fri, 30 Oct 2020 19:12:52 -0400
From:   Willem de Bruijn <>
To:     Alexander Lobakin <>
Cc:     "David S. Miller" <>,
        Jakub Kicinski <>,
        Steffen Klassert <>,
        Antoine Tenart <>,
        Mauro Carvalho Chehab <>,
        Miaohe Lin <>,
        Network Development <>,
        linux-kernel <>
Subject: Re: [PATCH net-next] net: avoid unneeded UDP L4 and fraglist GSO resegmentation

On Fri, Oct 30, 2020 at 2:33 PM Alexander Lobakin <> wrote:
> Commit 9fd1ff5d2ac7 ("udp: Support UDP fraglist GRO/GSO.") added a support
> for fraglist UDP L4 and fraglist GSO not only for local traffic, but also
> for forwarding. This works well on simple setups, but when any logical
> netdev (e.g. VLAN) is present, kernel stack always performs software
> resegmentation which actually kills the performance.
> Despite the fact that no mainline drivers currently supports fraglist GSO,
> this should and can be easily fixed by adding UDP L4 and fraglist GSO to
> the list of GSO types that can be passed-through the logical interfaces
> (NETIF_F_GSO_SOFTWARE). After this change, no resegmentation occurs (if
> a particular driver supports and advertises this), and the performance
> goes on par with e.g. 1:1 forwarding.
> The only logical netdevs that seem to be unaffected to this are bridge
> interfaces, as their code uses full NETIF_F_GSO_MASK.
> Tested on MIPS32 R2 router board with a WIP NIC driver in VLAN NAT:
> 20 Mbps baseline, 1 Gbps / link speed with this patch.
> Signed-off-by: Alexander Lobakin <>
> ---
>  include/linux/netdev_features.h | 4 ++--
>  1 file changed, 2 insertions(+), 2 deletions(-)
> diff --git a/include/linux/netdev_features.h b/include/linux/netdev_features.h
> index 0b17c4322b09..934de56644e7 100644
> --- a/include/linux/netdev_features.h
> +++ b/include/linux/netdev_features.h
> @@ -207,8 +207,8 @@ static inline int find_next_netdev_feature(u64 feature, unsigned long start)
>                                  NETIF_F_FSO)
>  /* List of features with software fallbacks. */
> -                                NETIF_F_GSO_SCTP)
> +                                NETIF_F_GSO_UDP_L4 | NETIF_F_GSO_FRAGLIST)

What exactly do you mean by *re*segmenting?

I think it is fine to reenable this again, now that UDP sockets will
segment unexpected UDP GSO packets that may have looped. We previously
added general software support in commit 83aa025f535f ("udp: add gso
support to virtual devices"). Then reduced its scope to egress only in
8eea1ca82be9 ("gso: limit udp gso to egress-only virtual devices") to
handle that edge case.

If we can enable for all virtual devices again, we could revert those
device specific options.

Powered by blists - more mailing lists