Date:	Sat, 31 Jan 2015 17:40:37 -0800 (PST)
From:	David Miller <davem@...emloft.net>
To:	pshelar@...ira.com
Cc:	netdev@...r.kernel.org
Subject: Re: [PATCH net-next v2 0/6] net: Add STT support.

From: Pravin B Shelar <pshelar@...ira.com>
Date: Thu, 29 Jan 2015 15:29:16 -0800

> Following patch series adds support for Stateless Transport
> Tunneling protocol.
> STT uses TCP segmentation offload available in most NICs. On
> packet xmit STT driver appends STT header along with TCP header
> to the packet. For GSO packet GSO parameters are set according
> to tunnel configuration and packet is handed over to networking
> stack. This allows use of segmentation offload available in NICs

I don't like this at all.

Routers _absolutely_ depend upon the ability to make TCP flows back
off by dropping packets in various ways (tail drop, RED random drops,
etc.).  STT violates this completely.

It's _NOT_ TCP, you can't put lipstick on a pig and pretend it's not a
pig.  You need to use something that indicates its flow properties,
a datagram protocol.  Either via an existing one or by creating a new
one.

I know you want to do this mass TCP behavioral violation because of
TSO.  But that's too bad.  The ends do not justify the means.

I also don't buy the argument that "people can put arbitrary changes
into their kernel to do stuff like that".

They can't do it to the stack I'm willing to maintain, and that's what
matters for 99% of systems out there.