lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-Id: <20160920.044119.403211498498787643.davem@davemloft.net>
Date:   Tue, 20 Sep 2016 04:41:19 -0400 (EDT)
From:   David Miller <davem@...emloft.net>
To:     vkuznets@...hat.com
Cc:     netdev@...r.kernel.org, linux-kernel@...r.kernel.org,
        ptalbert@...hat.com, boris.ostrovsky@...cle.com,
        david.vrabel@...rix.com, jgross@...e.com,
        xen-devel@...ts.xenproject.org
Subject: Re: [PATCH net-next v3] xen-netfront: avoid packet loss when
 ethernet header crosses page boundary

From: Vitaly Kuznetsov <vkuznets@...hat.com>
Date: Mon, 19 Sep 2016 12:53:40 +0200

> Small packet loss is reported on complex multi host network configurations
> including tunnels, NAT, ... My investigation led me to the following check
> in netback which drops packets:
> 
>         if (unlikely(txreq.size < ETH_HLEN)) {
>                 netdev_err(queue->vif->dev,
>                            "Bad packet size: %d\n", txreq.size);
>                 xenvif_tx_err(queue, &txreq, extra_count, idx);
>                 break;
>         }
> 
> But this check itself is legitimate. SKBs consist of a linear part (which
> has to have the ethernet header) and (optionally) a number of frags.
> Netfront transmits the head of the linear part up to the page boundary
> as the first request and all the rest becomes frags so when we're
> reconstructing the SKB in netback we can't distinguish between original
> frags and the 'tail' of the linear part. The first SKB needs to be at
> least ETH_HLEN size. So in case we have an SKB with its linear part
> starting too close to the page boundary the packet is lost.
> 
> I see two ways to fix the issue:
> - Change the 'wire' protocol between netfront and netback to start keeping
>   the original SKB structure. We'll have to add a flag indicating the fact
>   that the particular request is a part of the original linear part and not
>   a frag. We'll need to know the length of the linear part to pre-allocate
>   memory.
> - Avoid transmitting SKBs with linear parts starting too close to the page
>   boundary. That seems preferable short-term and shouldn't bring
>   significant performance degradation as such packets are rare. That's what
>   this patch is trying to achieve with skb_copy().
> 
> Signed-off-by: Vitaly Kuznetsov <vkuznets@...hat.com>
> Acked-by: David Vrabel <david.vrabel@...rix.com>

Applied.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ