lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Mon, 2 Apr 2007 20:07:17 +0200 From: Andi Kleen <andi@...stfloor.org> To: Rick Jones <rick.jones2@...com> Cc: Andi Kleen <andi@...stfloor.org>, Aaron Lehmann <aaronl@...elus.com>, Jim Paris <jim@...n.com>, netdev@...r.kernel.org Subject: Re: NIC data corruption On Mon, Apr 02, 2007 at 10:46:00AM -0700, Rick Jones wrote: > I changed the title to be more accurate, and culled the distribution to > individuals and netdev > > The mention of trying to turn-off CKO and see if the data corruption > goes away leads me to ask a possibly "delicate" question: > > Should "Linux" only enable CKO on those NICs certified to have > ECC/parity throughout their _entire_ data path? Even with reliable software checksumming you can have quite a lot of undetected errors (there was a interesting study about this some years ago). If you really care about your data you should use SSL or some other protocol with strong checksums. That said it would probably make quite a lot of people unhappy because it would make their NICs much slower and the occasional bit error that is missed by the NIC is likely not a big issue for them. What might be a good idea would to have some optional knob somewhere that allows to disable hardware checksumming for NICs that are not trusted this way. But then someone would need to do the necessary research for the hundreds of NICs Linux support Just providing a general global "disable hardware checksumming" knob for the paranoid would be much easier. I guess that would be a good idea. -Andi - To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists