lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:	Tue, 15 Oct 2013 21:05:42 -0400
From:	Vlad Yasevich <vyasevich@...il.com>
To:	Fan Du <fan.du@...driver.com>, nhorman@...driver.com
CC:	steffen.klassert@...unet.com, davem@...emloft.net,
	netdev@...r.kernel.org
Subject: Re: [PATCHv3 net] {xfrm, sctp} Stick to software crc32 even if hardware
 is capable of that

On 10/15/2013 05:19 AM, Fan Du wrote:
> igb/ixgbe have hardware sctp checksum support, when this feature is enabled
> and also IPsec is armed to protect sctp traffic, ugly things happened as
> xfrm_output checks CHECKSUM_PARTIAL to do check sum operation(sum every thing
> up and pack the 16bits result in the checksum field). The result is fail
> establishment of sctp communication.
>
> Signed-off-by: Fan Du <fan.du@...driver.com>
> Cc: Vlad Yasevich <vyasevich@...il.com>
> Cc: Neil Horman <nhorman@...driver.com>
> Cc: Steffen Klassert <steffen.klassert@...unet.com>
> Acked-by: Vlad Yasevich <vyasevich@...il.com>

Looks good to me.

-vlad

> ---
> v3:
>    - Rename is_xfrm_armed by dst_xfrm
>    - Move this funtion in include/net/dst.h
>
> v2:
>    - Split v1 into two separate patches.
>
> ---
>   include/net/dst.h |   12 ++++++++++++
>   net/sctp/output.c |    3 ++-
>   2 files changed, 14 insertions(+), 1 deletion(-)
>
> diff --git a/include/net/dst.h b/include/net/dst.h
> index 211dcf1..44995c1 100644
> --- a/include/net/dst.h
> +++ b/include/net/dst.h
> @@ -478,10 +478,22 @@ static inline struct dst_entry *xfrm_lookup(struct net *net,
>   {
>   	return dst_orig;
>   }
> +
> +static inline struct xfrm_state *dst_xfrm(const struct dst_entry *dst)
> +{
> +	return NULL;
> +}
> +
>   #else
>   struct dst_entry *xfrm_lookup(struct net *net, struct dst_entry *dst_orig,
>   			      const struct flowi *fl, struct sock *sk,
>   			      int flags);
> +
> +/* skb attached with this dst needs transformation if dst->xfrm is valid */
> +static inline struct xfrm_state *dst_xfrm(const struct dst_entry *dst)
> +{
> +	return dst->xfrm;
> +}
>   #endif
>
>   #endif /* _NET_DST_H */
> diff --git a/net/sctp/output.c b/net/sctp/output.c
> index 0ac3a65..24b3718 100644
> --- a/net/sctp/output.c
> +++ b/net/sctp/output.c
> @@ -536,7 +536,8 @@ int sctp_packet_transmit(struct sctp_packet *packet)
>   	 * by CRC32-C as described in <draft-ietf-tsvwg-sctpcsum-02.txt>.
>   	 */
>   	if (!sctp_checksum_disable) {
> -		if (!(dst->dev->features & NETIF_F_SCTP_CSUM)) {
> +		if (!(dst->dev->features & NETIF_F_SCTP_CSUM) ||
> +			(dst_xfrm(dst) != NULL)) {
>   			__u32 crc32 = sctp_start_cksum((__u8 *)sh, cksum_buf_len);
>
>   			/* 3) Put the resultant value into the checksum field in the
>

--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists