lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list] 
Message-ID:  <loom.20090305T000003-18@post.gmane.org>
Date:	Thu, 5 Mar 2009 00:08:38 +0000 (UTC)
From:	James Huang <jamesclhuang@...il.com>
To:	netdev@...r.kernel.org
Subject:  skb_segment() questions

Hi all,

    After spending hours trying to understand how GSO and GRO works in the 
latest Linux kernel (net-next-2.6.git), I am still quite confused about 
the implementation of skb_segment():

(1) Comments about the roles of some critical variables in the routine will 
help. Among them, len, hsize, and offset are not as confusing and I figured 
they have the following meanings:

len: amount of payload to "copy" into nskb
hsize: amount of payload to copy into nskb's head buffer 
offset: offset (from L2 header) of skb's payload to start "copy" into nskb

However, the variable "pos" is quite ambiguous. The value of "pos" at the 
beginning of each iteration of the do loop seems to depend on the current 
fragment being processed.  If current fragment is the head buffer of skb, pos 
is set to offset(end of the head buffer).  But if the current fragment is a 
page entry in skb or a skb in the frag_list, then pos is set to offset
(beginning of the current fragment).

(2) What is the purpose of the following check?

`    if (pos >= offset + len)
        continue;

     If the payload in the head buffer of skb has at least mss bytes, this 
check will succeed and no payload in skb’s head buffer will be copy into nskb 
through a call to skb_copy_from_linear_data_offset(). Something seems to be 
wrong here.

(3) Variable "hsize" seems to have a new meaning within the following if 
statement:

       if (!hsize && i >= nfrags) {
                      :
                      :
	   hsize = skb_end_pointer(nskb) - nskb->head;
	   if (skb_cow_head(nskb, doffset + headroom)) {
	 	kfree_skb(nskb);
		goto err;
	   }

	   nskb->truesize += skb_end_pointer(nskb) - nskb->head - 
hsize;                :
                      :
       }

    If so, it will be better to use a different variable here.

(4) When will the if condition (if (pos < offset + len)) just before 
skip_faglist become true?  When the if condition is true, nskb will have a non-
null frag_list. How do we know that the output interface's driver will support 
such a skb?

(5) There are some assumptions about the input skb. These assumptions are 
asserted by BUG_ON() statements throughout the routine.  It will help to list 
those assumptions at the very beginning of skb_segment().


Thanks,
James Huang



--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ