lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20191118153606.27aa9863@cakuba.netronome.com>
Date:   Mon, 18 Nov 2019 15:36:06 -0800
From:   Jakub Kicinski <jakub.kicinski@...ronome.com>
To:     Rahul Lakkireddy <rahul.lakkireddy@...lsio.com>
Cc:     netdev@...r.kernel.org, davem@...emloft.net, nirranjan@...lsio.com,
        vishal@...lsio.com, dt@...lsio.com
Subject: Re: [PATCH net-next v4 2/3] cxgb4: check rule prio conflicts before
 offload

Hi Rahul!

Please remember to CC people who have you feedback to make sure we
don't miss the next version of the set.

On Mon, 18 Nov 2019 22:30:18 +0530, Rahul Lakkireddy wrote:
> Only offload rule if it satisfies following conditions:
> 1. The immediate previous rule has priority < current rule's priority.
> 2. The immediate next rule has priority > current rule's priority.

Hm, the strict comparison here looks suspicious.

The most common use case for flower is to insert many non-conflicting
rules (different keys) at the same priority. From looking at this
description and the code:

+	if ((prev_fe->valid && prio < prev_fe->fs.tc_prio) ||
+	    (next_fe->valid && prio > next_fe->fs.tc_prio))
+		valid = false;

I get the feeling that either you haven't tested flower well or these
->valid flags are unreliable?

> Also rework free entry fetch logic to search from end of TCAM, instead
> of beginning, because higher indices have lower priority than lower
> indices. This is similar to how TC auto generates priority values.
> 
> Signed-off-by: Rahul Lakkireddy <rahul.lakkireddy@...lsio.com>
> ---
> v4:
> - Patch added in this version.

FWIW in the networking world we like the version history to be included
in the commit message, i.e. above the --- lines. It's useful
information.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ