lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <32117.1357868869@sandelman.ca>
Date:	Thu, 10 Jan 2013 20:47:49 -0500
From:	Michael Richardson <mcr@...delman.ca>
To:	Eric Dumazet <eric.dumazet@...il.com>
cc:	Ani Sinha <ani@...stanetworks.com>, Jiri Pirko <jpirko@...hat.com>,
	netdev@...r.kernel.org, edumazet <edumazet@...gle.com>,
	tcpdump-workers@...ts.tcpdump.org, dborkman <dborkman@...hat.com>
Subject: Re: [tcpdump-workers] [PATCH net 1/2] net: dev_queue_xmit_nit: fix skb->vlan_tci field value


>>>>> "Eric" == Eric Dumazet <eric.dumazet@...il.com> writes:
    Eric> On Wed, 2013-01-09 at 11:27 -0800, Ani Sinha wrote:

    >> This is wrong. Accelerated or not, the kernel code was organized to
    >> have the tags in the packet aux data. So I think this is how user land
    >> should be coded as well.

    Eric> You have your opinion, thats good.

    Eric> My opinion as a kernel developer is that the network tap is here to have
    Eric> a copy of the exact frame given to the _device_.

Good: as someone who spends lots of time with tcpdump doing both network
and protocol diagnostics, it's really important to see exactly there.
If that means turning off some hardware offload in order to get the
intact 1p header, then that may be fine for many situations.
(At 10G, on a live router... well...)

The problem is that now we need to know, on a per device basis (based
upon the current configuration) if the VLAN tag was removed by the
hardware or not.  It's not enough to try with vlan tag and not.

    Eric> If you want other taps, and catch frames before/after various netfilter
    Eric> hooks, segmentations, vlan accel, tunnels, or before GRO layer, thats a
    Eric> totally different request.

Yes!!!! We need all of these tap points too... 

-- 
]               Never tell me the odds!                 | ipv6 mesh networks [ 
]   Michael Richardson, Sandelman Software Works        | network architect  [ 
]     mcr@...delman.ca  http://www.sandelman.ca/        |   ruby on rails    [ 
	



Content of type "application/pgp-signature" skipped

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ