lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  PHC 
Open Source and information security mailing list archives
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:	Fri, 17 Jun 2016 16:34:17 -0700
From:	Eric Dumazet <>
To:	Saeed Mahameed <>
Cc:	Alexei Starovoitov <>,
	Saeed Mahameed <>,
	"David S. Miller" <>,
	Linux Netdev List <>,
	Doug Ledford <>,
	Or Gerlitz <>,
	Maor Gottlieb <>,
	Huy Nguyen <>, Tal Alon <>,
	Daniel Borkmann <>
Subject: Re: [PATCH net-next 12/18] IB/mlx5: Add kernel offload flow-tag

On Fri, Jun 17, 2016 at 3:31 PM, Saeed Mahameed
<> wrote:
> On Fri, Jun 17, 2016 at 7:00 PM, Alexei Starovoitov
> <> wrote:
>> On Fri, Jun 17, 2016 at 05:43:53PM +0300, Saeed Mahameed wrote:
>>> From: Maor Gottlieb <>
>>> Add kernel offload flow tag for packets that will bypass the kernel
>>> stack, e.g (RoCE/RDMA/RAW ETH (DPDK), etc ..).
>> so the whole series is an elaborate way to enable dpdk? how nice.
> NO, God forbids! the whole series has nothing to do with dpdk!
> Please read the cover letter.
> Quoting my own words from the cover letter:
> "This patch set introduces mlx5 RoCE/RDMA packet sniffer, it allows
> mlx5e netdevice to receive RoCE/RDMA or RAW ETH traffic which isn't
> supposed to be passed to the kernel stack, for sniffing and diagnostics
> purposes."
> We simply want to selectively be able to see RoCE/RDMA ETH standard
> traffic in tcpdump, for diagnostic purposes.
> so in order to not overwhelm the kernel TCP/IP stack with this
> traffic, this patch in particular
> configures ConnectX4 hardware to tag those packets, so in downstream
> patches mlx5 netdevice will mark the SKBs of those packets
> to skip the TCP/IP stack and go only to tcpdump.
> DPDK is not enabled/disabled or even slightly affected in this series.
> It was just given as an example in this patch commit message for
> traffic that can be sniffed in standard tools such as tcpdump.
> Today there are some bad usages and abuse to skb->protocol where some
> device drivers set skb->protocol = 0xffffff to skip the kernel TCP/IP
> processing for the same diagnostic purposes.
> In this series we are just trying to do the right thing.

Well, your patch adds an extra test in kernel fast path, just to ease
the life of people using kernel bypass,
but willing to use tcpdump because they can not figure to do this in
user space properly.

Please find a way  _not_ adding a single instruction in kernel fast path.


Powered by blists - more mailing lists