| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <20140428.001552.1083601553706782584.davem@davemloft.net> Date: Mon, 28 Apr 2014 00:15:52 -0400 (EDT) From: David Miller <davem@...emloft.net> To: therbert@...gle.com Cc: stephen@...workplumber.org, netdev@...r.kernel.org Subject: Re: [PATCH 9/9 v2] net: Add sysctl to trust checksum_complete From: Tom Herbert <therbert@...gle.com> Date: Sun, 27 Apr 2014 21:07:24 -0700 >> If we do anything, we should do it consistently and not just for one >> specific checksum delivery type. >> >> So if we add a sysctl, it should revalidate the checksum in software >> for all checksum offload variants, and such a sysctl should be off by >> default. > > Okay, but I would want to add a new checksum type to distinguish > checksum_complete that was done in software as opposed to one received > from a device. I don't think it's wise to keep CHECKSUM_COMPLETE once you've software verified it. If anything, you should at that point treat it as we would have treated it were it marked CHECKSUM_NONE. Therefore I see no reason for a new checksum type. Please repost your series if you want me to consider it with this patch removed, rather than just saying "apply the series without patch X". Thanks. -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists