| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 27 Oct 2022 18:20:20 +0000
From: patchwork-bot+netdevbpf@...nel.org
To: Saeed Mahameed <saeed@...nel.org>
Cc: davem@...emloft.net, kuba@...nel.org, pabeni@...hat.com,
edumazet@...gle.com, saeedm@...dia.com, netdev@...r.kernel.org,
tariqt@...dia.com, hyonkim@...co.com, leonro@...dia.com
Subject: Re: [V4 net 01/15] net/mlx5e: Do not increment ESN when updating IPsec
ESN state
Hello:
This series was applied to netdev/net.git (master)
by Jakub Kicinski <kuba@...nel.org>:
On Wed, 26 Oct 2022 14:51:39 +0100 you wrote:
> From: Hyong Youb Kim <hyonkim@...co.com>
>
> An offloaded SA stops receiving after about 2^32 + replay_window
> packets. For example, when SA reaches <seq-hi 0x1, seq 0x2c>, all
> subsequent packets get dropped with SA-icv-failure (integrity_failed).
>
> To reproduce the bug:
> - ConnectX-6 Dx with crypto enabled (FW 22.30.1004)
> - ipsec.conf:
> nic-offload = yes
> replay-window = 32
> esn = yes
> salifetime=24h
> - Run netperf for a long time to send more than 2^32 packets
> netperf -H <device-under-test> -t TCP_STREAM -l 20000
>
> [...]
Here is the summary with links:
- [V4,net,01/15] net/mlx5e: Do not increment ESN when updating IPsec ESN state
https://git.kernel.org/netdev/net/c/888be6b279b7
- [V4,net,02/15] net/mlx5: Wait for firmware to enable CRS before pci_restore_state
https://git.kernel.org/netdev/net/c/212b4d7251c1
- [V4,net,03/15] net/mlx5: DR, Fix matcher disconnect error flow
https://git.kernel.org/netdev/net/c/4ea9891d6641
- [V4,net,04/15] net/mlx5e: Extend SKB room check to include PTP-SQ
https://git.kernel.org/netdev/net/c/19b43a432e3e
- [V4,net,05/15] net/mlx5e: Update restore chain id for slow path packets
https://git.kernel.org/netdev/net/c/8dc47c0527c1
- [V4,net,06/15] net/mlx5: ASO, Create the ASO SQ with the correct timestamp format
https://git.kernel.org/netdev/net/c/0f3caaa2c6fb
- [V4,net,07/15] net/mlx5: Fix possible use-after-free in async command interface
https://git.kernel.org/netdev/net/c/bacd22df9514
- [V4,net,08/15] net/mlx5e: TC, Reject forwarding from internal port to internal port
https://git.kernel.org/netdev/net/c/f382a2413dae
- [V4,net,09/15] net/mlx5e: TC, Fix cloned flow attr instance dests are not zeroed
https://git.kernel.org/netdev/net/c/94d651739e17
- [V4,net,10/15] net/mlx5: Update fw fatal reporter state on PCI handlers successful recover
https://git.kernel.org/netdev/net/c/416ef7136319
- [V4,net,11/15] net/mlx5: Fix crash during sync firmware reset
https://git.kernel.org/netdev/net/c/aefb62a99887
- [V4,net,12/15] net/mlx5e: Fix macsec coverity issue at rx sa update
https://git.kernel.org/netdev/net/c/d3ecf037569c
- [V4,net,13/15] net/mlx5e: Fix macsec rx security association (SA) update/delete
https://git.kernel.org/netdev/net/c/74573e38e933
- [V4,net,14/15] net/mlx5e: Fix wrong bitwise comparison usage in macsec_fs_rx_add_rule function
https://git.kernel.org/netdev/net/c/d550956458a8
- [V4,net,15/15] net/mlx5e: Fix macsec sci endianness at rx sa update
https://git.kernel.org/netdev/net/c/12ba40ba3dc3
You are awesome, thank you!
--
Deet-doot-dot, I am a bot.
https://korg.docs.kernel.org/patchwork/pwbot.html
Powered by blists - more mailing lists