lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20161031211841.GG32374@pox.localdomain>
Date:   Mon, 31 Oct 2016 22:18:41 +0100
From:   Thomas Graf <tgraf@...g.ch>
To:     John Fastabend <john.fastabend@...il.com>
Cc:     David Miller <davem@...emloft.net>, Yuval.Mintz@...ium.com,
        netdev@...r.kernel.org
Subject: Re: XDP question - how much can BPF change in xdp_buff?

On 10/31/16 at 12:22pm, John Fastabend wrote:
> On 16-10-31 11:57 AM, David Miller wrote:
> > My understanding is that the eBPF program would be responsible
> > for updating the checksum if it mangles the packet in such a
> > way that such a fixup would be required.
> > 
> 
> For XDP we will probably need to add support for at minimum the
> following helpers,
> 
> 	bpf_l3_csum_replace
> 	bpf_l4_csum_replace
	csum_diff

We definitely want some visibility feature that can be enabled for
troubleshooting and debugging which verifies the checksum in SW
after the bpf program is done. Otherwise, if a XDP BPF program
miscalculates the checksum, there is no way to figure it out whether
the checksum is off without attaching another system to capture.

Speaking from experience, getting the checksum right is one of the
time sinks when developing more complex BPF programs.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ