| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Sat, 24 Apr 2021 14:52:05 -0700
From: Jakub Kicinski <kuba@...nel.org>
To: Michael Chan <michael.chan@...adcom.com>
Cc: davem@...emloft.net, netdev@...r.kernel.org, gospo@...adcom.com
Subject: Re: [PATCH net-next 10/10] bnxt_en: Implement
.ndo_features_check().
On Sat, 24 Apr 2021 16:14:31 -0400 Michael Chan wrote:
> + features = vlan_features_check(skb, features);
> + if (!skb->encapsulation)
> + return features;
> +
> + switch (vlan_get_protocol(skb)) {
> + case htons(ETH_P_IP):
> + l4_proto = ip_hdr(skb)->protocol;
> + break;
> + case htons(ETH_P_IPV6):
> + l4_proto = ipv6_hdr(skb)->nexthdr;
> + break;
> + default:
> + return features;
> + }
> +
> + /* For UDP, we can only handle 1 Vxlan port and 1 Geneve port. */
> + if (l4_proto == IPPROTO_UDP) {
> + struct bnxt *bp = netdev_priv(dev);
> + __be16 udp_port = udp_hdr(skb)->dest;
> +
> + if (udp_port != bp->vxlan_port && udp_port != bp->nge_port)
> + return features & ~(NETIF_F_CSUM_MASK |
> + NETIF_F_GSO_MASK);
> + }
> + return features;
This is still written a little too much like a block list.
What if, for example it's a UDP tunnel but with extension headers?
Is there any particular case that is served by not writing it as:
if (l4_proto == UDP && (port == bp->vxl_port ||
port == bp->nge_port))
return features;
return features & ~(CSUM | GSO);
?
Sorry for not realizing this earlier.
Powered by blists - more mailing lists