lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Thu, 2 Aug 2018 16:56:55 -0700
From:   Stephen Hemminger <stephen@...workplumber.org>
To:     Eric Dumazet <eric.dumazet@...il.com>
Cc:     Peter Oskolkov <posk@...gle.com>,
        David Miller <davem@...emloft.net>, netdev@...r.kernel.org,
        Eric Dumazet <edumazet@...gle.com>,
        Florian Westphal <fw@...len.de>
Subject: Re: [PATCH net-next 1/3] ip: discard IPv4 datagrams with
 overlapping segments.

On Thu, 2 Aug 2018 16:33:55 -0700
Eric Dumazet <eric.dumazet@...il.com> wrote:

> On 08/02/2018 03:54 PM, Stephen Hemminger wrote:
> > On Thu,  2 Aug 2018 22:45:58 +0000
> > Peter Oskolkov <posk@...gle.com> wrote:
> >   
> >> diff --git a/include/uapi/linux/snmp.h b/include/uapi/linux/snmp.h
> >> index e5ebc83827ab..da1a144f1a51 100644
> >> --- a/include/uapi/linux/snmp.h
> >> +++ b/include/uapi/linux/snmp.h
> >> @@ -40,6 +40,7 @@ enum
> >>  	IPSTATS_MIB_REASMREQDS,			/* ReasmReqds */
> >>  	IPSTATS_MIB_REASMOKS,			/* ReasmOKs */
> >>  	IPSTATS_MIB_REASMFAILS,			/* ReasmFails */
> >> +	IPSTATS_MIB_REASM_OVERLAPS,		/* ReasmOverlaps */
> >>  	IPSTATS_MIB_FRAGOKS,			/* FragOKs */
> >>  	IPSTATS_MIB_FRAGFAILS,			/* FragFails */
> >>  	IPSTATS_MIB_FRAGCREATES,		/* FragCreates */  
> > 
> > Inserting new entries in the middle of an enum means the numeric
> > values will change. Isn't this going to break userspace ABI?
> >   
> 
> I would argue the only exported thing from the kernel are the Key:Val in the /proc files.
> 
> Not sure why these enum are uapi.
> 
> Commit 46c2fa39877ed70415ee2b1acfb9129e956f6de4 added LINUX_MIB_TCPFASTOPENBLACKHOLE in the middle,
> and really nobody complained.
> 
> 
> Commit 0604475119de5f80dc051a5db055c6a2a75bd542 added LINUX_MIBSTCPMEMORYPRESSURESCHRONO
> in the middle as well.
> 
> I am pretty sure we should maintain locality of these counters to lower number
> of dirtied cache lines, say under IP frag DDOS ;)
> 

Agree with eric, go ahead and keep things local

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ