lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Mon, 29 Mar 2021 11:03:17 +0200
From:   Toke Høiland-Jørgensen <toke@...hat.com>
To:     Ido Schimmel <idosch@...sch.org>, netdev@...r.kernel.org
Cc:     davem@...emloft.net, kuba@...nel.org, jiri@...dia.com,
        petrm@...dia.com, liuhangbin@...il.com, mlxsw@...dia.com,
        Ido Schimmel <idosch@...dia.com>
Subject: Re: [PATCH net 1/2] mlxsw: spectrum: Fix ECN marking in tunnel
 decapsulation

Ido Schimmel <idosch@...sch.org> writes:

> From: Ido Schimmel <idosch@...dia.com>
>
> Cited commit changed the behavior of the software data path with regards
> to the ECN marking of decapsulated packets. However, the commit did not
> change other callers of __INET_ECN_decapsulate(), namely mlxsw. The
> driver is using the function in order to ensure that the hardware and
> software data paths act the same with regards to the ECN marking of
> decapsulated packets.
>
> The discrepancy was uncovered by commit 5aa3c334a449 ("selftests:
> forwarding: vxlan_bridge_1d: Fix vxlan ecn decapsulate value") that
> aligned the selftest to the new behavior. Without this patch the
> selftest passes when used with veth pairs, but fails when used with
> mlxsw netdevs.
>
> Fix this by instructing the device to propagate the ECT(1) mark from the
> outer header to the inner header when the inner header is ECT(0), for
> both NVE and IP-in-IP tunnels.
>
> A helper is added in order not to duplicate the code between both tunnel
> types.
>
> Fixes: b723748750ec ("tunnel: Propagate ECT(1) when decapsulating as recommended by RFC6040")
> Signed-off-by: Ido Schimmel <idosch@...dia.com>
> Reviewed-by: Petr Machata <petrm@...dia.com>

Huh, I had no idea there was a caller in the driver - thanks for fixing
that!

Acked-by: Toke Høiland-Jørgensen <toke@...hat.com>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ