lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:   Wed, 15 Jan 2020 10:43:08 -0500
From:   Willem de Bruijn <willemdebruijn.kernel@...il.com>
To:     Steffen Klassert <steffen.klassert@...unet.com>
Cc:     Willem de Bruijn <willemdebruijn.kernel@...il.com>,
        David Miller <davem@...emloft.net>,
        Paolo Abeni <pabeni@...hat.com>,
        Subash Abhinov Kasiviswanathan <subashab@...eaurora.org>,
        Marcelo Ricardo Leitner <marcelo.leitner@...il.com>,
        Network Development <netdev@...r.kernel.org>
Subject: Re: [PATCH net-next 3/4] net: Support GRO/GSO fraglist chaining.

> > > Maybe we can be conservative here and do a full
> > > __copy_skb_header for now. The initial version
> > > does not necessarily need to be the most performant
> > > version. We could try to identify the correct subset
> > > of header fields later then.
> >
> > We should probably aim for the right set from the start. If you think
> > this set is it, let's keep it.
>
> I'd prefer to do a full __copy_skb_header for now and think a bit
> longer if that what I chose is really the correct subset.

Ok

> > > > > I had to set ip_summed to CHECKSUM_UNNECESSARY on GRO to
> > > > > make sure the noone touches the checksum of the head
> > > > > skb. Otherise netfilter etc. tries to touch the csum.
> > > > >
> > > > > Before chaining I make sure that ip_summed and csum_level is
> > > > > the same for all chained skbs and here I restore the original
> > > > > value from nskb.
> > > >
> > > > This is safe because the skb_gro_checksum_validate will have validated
> > > > already on CHECKSUM_PARTIAL? What happens if there is decap or encap
> > > > in the path? We cannot revert to CHECKSUM_PARTIAL after that, I
> > > > imagine.
> > >
> > > Yes, the checksum is validated with skb_gro_checksum_validate. If the
> > > packets are UDP encapsulated, they are segmented before decapsulation.
> > > Original values are already restored. If an additional encapsulation
> > > happens, the encap checksum will be calculated after segmentation.
> > > Original values are restored before that.
> >
> > I was wondering more about additional other encapsulation protocols.
> >
> > >From a quick read, it seems like csum_level is associated only with
> > CHECKSUM_UNNECESSARY.
> >
> > What if a device returns CHECKSUM_COMPLETE for packets with a tunnel
> > that is decapsulated before forwarding. Say, just VLAN. That gets
> > untagged in __netif_receive_skb_core with skb_vlan_untag calling
> > skb_pull_rcsum. After segmentation the ip_summed is restored, with
> > skb->csum still containing the unmodified csum that includes the VLAN
> > tag?
>
> Hm, that could be really a problem. So setting CHECKSUM_UNNECESSARY
> should be ok, but restoring the old values are not. Our checksum
> magic is rather complex, it's hard to get it right for all possible
> cases. Maybe we can just set CHECKSUM_UNNECESSARY for all packets
> and keep this value after segmentation.

Note that I'm not 100% sure that the issue can occur. But it seems likely.

Yes, inverse CHECKSUM_UNNECESSARY conversion after verifying the checksum is
probably the way to go. Inverse, because it is the opposite of
__skb_gro_checksum_convert.

Or forgo (this variant of) GRO when encountering unexpected outer encap headers?

Powered by blists - more mailing lists