| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 4 Feb 2021 15:04:50 +0100
From: Phil Sutter <phil@....cc>
To: Jamal Hadi Salim <jhs@...atatu.com>
Cc: Stephen Hemminger <stephen@...workplumber.org>,
netdev@...r.kernel.org
Subject: Re: [iproute PATCH] tc: u32: Fix key folding in sample option
Jamal,
On Thu, Feb 04, 2021 at 08:19:55AM -0500, Jamal Hadi Salim wrote:
> I couldnt tell by inspection if what used to work before continues to.
> In particular the kernel version does consider the divisor when folding.
That's correct. And so does tc. What's the matter?
> Two examples that currently work, if you can try them:
Both lack information about the used hashkey and divisor.
> Most used scheme:
> ---
> tc filter add dev $DEV parent 999:0 protocol ip prio 10 u32 \
> ht 2:: \
> sample ip protocol 1 0xff match ip src 1.2.3.4/32 flowid 1:10 \
> action ok
> ----
htid before: 0x201000
htid after: 0x201000
>
> and this i also found in one of my scripts:
> ----
> tc filter add dev $DEV parent 999:0 protocol ip prio 10 u32 \
> ht 2:: \
> sample u32 0x00000806 0x0000ffff at 12 \
> match u32 0x00000800 0x0000ff00 at 12 flowid 1:10 \
> action ok
> ----
htid before: 0x20e000 (0x8 ^ 0x6 = 0xe)
htid after: 0x206000
Are you sure this still works with current kernel and iproute2
(excluding my patch)? What divisor and hashkey is used?
> Probably a simple meaning of "working" is:
> the values before and after (your changes) are consistent.
>
> If also you will do us a kindness and add maybe a testcase in tdc?
> This way next person wanting to fix it can run the tests first before
> posting a patch.
What is "tdc"?
Cheers, Phil
Powered by blists - more mailing lists