| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <CA+mtBx9OHBU-k_TGr=SHDWREE6v+6tYpGgk0m8iFwZW5YmHrHg@mail.gmail.com> Date: Sun, 27 Apr 2014 21:22:33 -0700 From: Tom Herbert <therbert@...gle.com> To: David Miller <davem@...emloft.net> Cc: Stephen Hemminger <stephen@...workplumber.org>, Linux Netdev List <netdev@...r.kernel.org> Subject: Re: [PATCH 9/9 v2] net: Add sysctl to trust checksum_complete On Sun, Apr 27, 2014 at 9:15 PM, David Miller <davem@...emloft.net> wrote: > From: Tom Herbert <therbert@...gle.com> > Date: Sun, 27 Apr 2014 21:07:24 -0700 > >>> If we do anything, we should do it consistently and not just for one >>> specific checksum delivery type. >>> >>> So if we add a sysctl, it should revalidate the checksum in software >>> for all checksum offload variants, and such a sysctl should be off by >>> default. >> >> Okay, but I would want to add a new checksum type to distinguish >> checksum_complete that was done in software as opposed to one received >> from a device. > > I don't think it's wise to keep CHECKSUM_COMPLETE once you've software > verified it. > > If anything, you should at that point treat it as we would have treated > it were it marked CHECKSUM_NONE. > We want to keep it if there are multiple checksums in the packet which is possible with encapsulation. It really shouldn't add any cost to maintain it with the packet. -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists