| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Sat, 06 Apr 2024 11:03:14 -0400
From: Willem de Bruijn <willemdebruijn.kernel@...il.com>
To: Yuri Benditovich <yuri.benditovich@...nix.com>,
willemdebruijn.kernel@...il.com,
davem@...emloft.net,
edumazet@...gle.com,
kuba@...nel.org,
pabeni@...hat.com,
shuah@...nel.org,
linux-kernel@...r.kernel.org,
netdev@...r.kernel.org,
linux-kselftest@...r.kernel.org
Cc: yan@...nix.com,
andrew@...nix.com
Subject: Re: [PATCH] net: change maximum number of UDP segments to 128
Yuri Benditovich wrote:
> Earlier commit fc8b2a619469378 ("net: more strict VIRTIO_NET_HDR_GSO_UDP_L4 validation")
> added check of potential number of UDP segment vs UDP_MAX_SEGMENTS
> in linux/virtio_net.h.
> After this change certification test of USO guest-to-guest
> transmit on Windows driver for virtio-net device fails,
> for example with packet size of ~64K and mss of 536 bytes.
> In general the USO should not be more restrictive than TSO.
Ack
> Indeed, in case of unreasonably small mss a lot of segments
> can cause queue overflow and packet loss on the destination.
> Limit of 128 segments is good for any practical purpose,
> with minimal meaningful mss of 536 the maximal UDP packet will
> be divided to ~120 segments.
>
> Signed-off-by: Yuri Benditovich <yuri.benditovich@...nix.com>
Please mark fixes as [PATCH net] and include a fixes tag:
Fixes: fc8b2a619469 ("net: more strict VIRTIO_NET_HDR_GSO_UDP_L4 validation")
Otherwise this looks fine to me. UDP_MAX_SEGMENTS exists to block
egregious examples, such as 64K 1B segments. Doubling to 128 to handle
536B MSS is well within the reasonable range.
> ---
> include/linux/udp.h | 2 +-
> tools/testing/selftests/net/udpgso.c | 2 +-
> 2 files changed, 2 insertions(+), 2 deletions(-)
>
> diff --git a/include/linux/udp.h b/include/linux/udp.h
> index 3748e82b627b..7e75ccdf25fe 100644
> --- a/include/linux/udp.h
> +++ b/include/linux/udp.h
> @@ -108,7 +108,7 @@ struct udp_sock {
> #define udp_assign_bit(nr, sk, val) \
> assign_bit(UDP_FLAGS_##nr, &udp_sk(sk)->udp_flags, val)
>
> -#define UDP_MAX_SEGMENTS (1 << 6UL)
> +#define UDP_MAX_SEGMENTS (1 << 7UL)
>
> #define udp_sk(ptr) container_of_const(ptr, struct udp_sock, inet.sk)
>
> diff --git a/tools/testing/selftests/net/udpgso.c b/tools/testing/selftests/net/udpgso.c
> index 1d975bf52af3..85b3baa3f7f3 100644
> --- a/tools/testing/selftests/net/udpgso.c
> +++ b/tools/testing/selftests/net/udpgso.c
> @@ -34,7 +34,7 @@
> #endif
>
> #ifndef UDP_MAX_SEGMENTS
> -#define UDP_MAX_SEGMENTS (1 << 6UL)
> +#define UDP_MAX_SEGMENTS (1 << 7UL)
> #endif
>
> #define CONST_MTU_TEST 1500
> --
> 2.34.3
>
Powered by blists - more mailing lists