lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <CALx6S35mE624Yi9m2hg=7i5YQdeH_7491LvZZmNvSuTr3Y1FHA@mail.gmail.com>
Date:	Thu, 6 Aug 2015 08:12:30 -0700
From:	Tom Herbert <tom@...bertland.com>
To:	Jesse Brandeburg <jesse.brandeburg@...el.com>
Cc:	Jeff Kirsher <jeffrey.t.kirsher@...el.com>,
	"David S. Miller" <davem@...emloft.net>,
	Anjali Singhai Jain <anjali.singhai@...el.com>,
	Linux Kernel Network Developers <netdev@...r.kernel.org>,
	nhorman@...hat.com, sassmann@...hat.com, jogreene@...hat.com,
	Catherine Sullivan <catherine.sullivan@...el.com>
Subject: Re: [net-next 07/15] i40e/i40evf: Add TX/RX outer UDP checksum
 support for X722

On Wed, Aug 5, 2015 at 5:38 PM, Jesse Brandeburg
<jesse.brandeburg@...el.com> wrote:
> On Wed, 5 Aug 2015 17:13:21 -0700
> Tom Herbert <tom@...bertland.com> wrote:
>
>> On Wed, Aug 5, 2015 at 4:52 PM, Jeff Kirsher
>> <jeffrey.t.kirsher@...el.com> wrote:
>> > From: Anjali Singhai Jain <anjali.singhai@...el.com>
>> >                 if (vsi->back->flags & I40E_FLAG_WB_ON_ITR_CAPABLE)
>> >                         tx_ring->flags = I40E_TXR_FLAGS_WB_ON_ITR;
>> > +               if (vsi->back->flags & I40E_FLAG_OUTER_UDP_CSUM_CAPABLE)
>> > +                       tx_ring->flags |= I40E_TXR_FLAGS_OUTER_UDP_CSUM;
>>
>> Just curious... is there a difference between enabling the outer UDP
>> checksum (of a tunnel) and just enabling checksum offload for UDP
>> packets?
>
> Yes, the hardware knows the difference (or we actually tell it
> the difference) between a UDP packet and a tunnel inside a UDP
> packet.

There should be no difference between handling the UDP checksum for
tunneling versus a non-tunnel packet with a UDP checksum. While VXLAN
(RFC7348) allows for non-zero checksums to be not be verified, this
fundamentally violates UDP specification (RFC1122). Neither is there
any API that allows a driver to indicate to the stack that a non-zero
UDP checksum is accepted but not verified, using checksum unnecessary
for that would also be incorrect.

Not to belabor the point, but if devices provide checksum-complete
this complexity in drivers and devices needing to parse specific UDP
encapsulations goes away.

Tom
--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ