lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Tue, 26 Oct 2010 17:25:11 -0200
From:	Flavio Leitner <fleitner@...hat.com>
To:	David Miller <davem@...emloft.net>
Cc:	netdev@...r.kernel.org, herbert@...dor.hengli.com.au
Subject: Re: [PATCH] net: reset gso header when the copied skb is linearized

On Tue, Oct 26, 2010 at 11:31:57AM -0700, David Miller wrote:
> From: Flavio Leitner <fleitner@...hat.com>
> Date: Mon, 25 Oct 2010 20:23:18 -0200
> 
> > The gso header is incorrect when the copied skb is
> > linearized. This patch creates another helper function
> > to copy the gso header when it is appropriated
> > 
> > Signed-off-by: Flavio Leitner <fleitner@...hat.com>
> 
> I don't understand why the GSO information should be
> omitted just because we are creating a linearlized
> version of the SKB?

If I understand that correctly, the gso_segs is the number
of GSO segments which are divided in non-linear way. When the
copy is made using that function, the skb turns into a big
one segment inlined. So, the idea of segments is lost and
I'm not seeing how it is going to be divided again. 
Later the NIC drives does, for example:

drivers/net/e1000/e1000_main.c
...
                if (cleaned) {
                        struct sk_buff *skb = buffer_info->skb;
                        unsigned int segs, bytecount;
                        segs = skb_shinfo(skb)->gso_segs ?: 1;
                        /* multiply data chunks by size of * headers */
                        bytecount = ((segs - 1) * skb_headlen(skb)) +
                                    skb->len;
                        total_tx_packets += segs;
                        total_tx_bytes += bytecount;
                }
...

The bytecount there will be wrong because it will multiply 
the old gso_segs X skb_headlen(skb) which will be the entire
skb as the payload is inlined.

I see that there are some places checking for skb_is_gso()
before do something or calculating using that math above.

> The packet still could have a larger than MSS size,
> and thus be composed of multiple actual segments for
> the network.

hopefully I answered this too in my previous comment

thanks,
-- 
Flavio
--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ