lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date:	Thu, 01 May 2014 13:09:05 +0200
From:	Daniel Borkmann <>
To:	Joseph Gasparakis <>
CC:	Vlad Yasevich <>,
	"Rose, Gregory V" <>,
	Ben Hutchings <>,
	"Kirsher, Jeffrey T" <>,
	"" <>,
	"" <>,
	"" <>,
	"" <>
Subject: Re: [net-next] vxlan: Advertise SCTP checksum offloads

On 04/29/2014 10:59 PM, Joseph Gasparakis wrote:
> On Tue, 29 Apr 2014, Vlad Yasevich wrote:
>>>>>> At the time SCTP tries to do checksum, it will see hw offload
>>>>>> support and set checksum as partial.  That will be propagated
>>>>>> all the way to vxlan which will set encapsulation and pass it on.
>>>>>> At next dev_hard_start_xmit(), we'll look at hw_enc_features,
>>>>>> but it won't matter since SCTP packets are never GSO.
>>>>>> So, we'll use the non-gso code path and still send with partial
>>>>>> checksum set.  Now, if the driver supports encapsulated SCTP,
>>>>>> then it will work.  If it doesn't, the udp checksum will be computed,
>>>>>> but not the sctp one.
>>>>> That is exactly the way it works, dev_hard_start_xmit() is where
>>>>> the (inner) unchecksummed packets will get checksummed if the Tx'ing
>>>>> interface does not support inner SCTP checksumming.
>>>> No, it will not.  dev_hard_start_xmit() calls skb_checksum_help()
>>>> which only knows how to calculate TCP/UDP checksums.  It doesn't know
>>>> how to compute CRC32c for SCTP protocol.
>>> Interesting, thanks for the clarification! Then how do things work with
>>> non-encapsulated SCTP traffic? Where is the csumming for SCTP take place
>>> if the NIC cannot offload the protocol?
>> In SCTP itself.  Look at sctp_packet_transmit().   There are also
>> fix-ups in netfilter to correct the checksum if the packet has
>> to be rerouted somewhere else.
>> We've tossed around the idea of making skb_checksum have pluggable
>> components.  Daniel started us down that path by adding checksum ops.
>> We just need registration and proper lookup support.

Absolutely, Vlad is right here. That's also why we currently have this
ugly xfrm test in SCTP output path for csumming. I've started something
a while ago in that direction but got distracted with other things. If
someone is faster than me, I appreciate it. ;) In case not, I've kept
it on my todo list so far. Anyway, that would be the right way to go.
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to
More majordomo info at

Powered by blists - more mailing lists