lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date: Tue, 16 May 2023 15:27:51 +0300
From: Tariq Toukan <ttoukan.linux@...il.com>
To: Tariq Toukan <tariqt@...dia.com>, Jakub Kicinski <kuba@...nel.org>
Cc: netdev@...r.kernel.org, drort@...dia.com, samiram@...dia.com,
 Gal Pressman <gal@...dia.com>
Subject: Re: [RFC / RFT net 0/7] tls: rx: strp: fix inline crypto offload



On 11/05/2023 13:17, Tariq Toukan wrote:
> 
> 
> On 11/05/2023 4:20, Jakub Kicinski wrote:
>> Tariq, here are the fixes for the bug you reported.
>> I managed to test with mlx5 (and selftest, obviously).
>> I hacked things up for testing to trigger the copy and
>> reencrypt paths.
>>
>> Could you run it thru your tests and LMK if there are
>> any more regressions?
>>
> 
> Hi Jakub,
> 
> Thanks for your patches!
> I see that several changes were needed.
> 
> I tested your series with the repro I had, it seems to be resolved.
> 
> We are going to run more intensive and comprehensive tests during the 
> weekend, and we'll update on status on Sunday/Monday.
> 

Hi Jakub,

Here's an updated testing status:

1. Reported issue is resolved.
2. All device-offload TLS RX/TX tests passed, except for the one issue 
below.

Nothing indicates that this issue is new or related directly to your 
fixes series. It might have been there for some time, hiding behind the 
existing bugs.

Issue description:
TlsDecryptError / TlsEncryptError increase when simultaneously creating 
a bond interface.
It doesn't happen each and every time. It reproduced several times in 
different runs.
The strange part is that the bond is created and attached to a different 
interface, not the one running the TLS traffic!

I think we should progress with the fixes:
Tested-by: Shai Amiram <samiram@...dia.com>

Regards,
Tariq

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ