| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <5af4ca88-62f5-e54e-78b3-704405722925@gmail.com>
Date: Fri, 16 Nov 2018 13:33:35 -0800
From: Eric Dumazet <eric.dumazet@...il.com>
To: Cong Wang <xiyou.wangcong@...il.com>,
Eric Dumazet <eric.dumazet@...il.com>
Cc: Herbert Xu <herbert@...dor.apana.org.au>,
Linux Kernel Network Developers <netdev@...r.kernel.org>,
Tom Herbert <tom@...bertland.com>,
Eric Dumazet <edumazet@...gle.com>,
Saeed Mahameed <saeedm@...lanox.com>
Subject: Re: [Patch net] net: invert the check of detecting hardware RX
checksum fault
On 11/16/2018 12:15 PM, Cong Wang wrote:
> On Thu, Nov 15, 2018 at 8:52 PM Eric Dumazet <eric.dumazet@...il.com> wrote:
>>
>> It is very possible NIC provides an incorrect CHECKSUM_COMPLETE, in the
>> case non zero trailer bytes were added by a buggy switch (or host)
>>
>> Saeed can comment/confirm, but the theory is that the NIC does header analysis and
>> computes a checksum only on the bytes of the IP frame, not including the tail bytes
>> that were added by a switch.
>
>
> This theory seems can't explain why Pawel saw this warning so often,
> which is beyond the probability of a buggy switch. I don't know.
Well the bug here would be the receiver NIC, not really respecting CHECKSUM_COMPLETE premise
(provide a checksum over all the bytes, regardless of how smart header parsing can be on the NIC)
'Buggy switch' would add random bytes after IP frames, but as I mentioned, any AF_PACKET user
can cook arbitrary padding after a valid IP (or IPv6) frame.
>
> I will try it.
>
> Thanks.
>
Powered by blists - more mailing lists