| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <eb04ddfd-6e17-464b-a629-09aed99e2e95@redhat.com> Date: Tue, 29 Oct 2024 13:03:50 +0100 From: Paolo Abeni <pabeni@...hat.com> To: chia-yu.chang@...ia-bell-labs.com, netdev@...r.kernel.org, davem@...emloft.net, edumazet@...gle.com, kuba@...nel.org, dsahern@...nel.org, netfilter-devel@...r.kernel.org, kadlec@...filter.org, coreteam@...filter.org, pablo@...filter.org, bpf@...r.kernel.org, joel.granados@...nel.org, linux-fsdevel@...r.kernel.org, kees@...nel.org, mcgrof@...nel.org, ij@...nel.org, ncardwell@...gle.com, koen.de_schepper@...ia-bell-labs.com, g.white@...leLabs.com, ingemar.s.johansson@...csson.com, mirja.kuehlewind@...csson.com, cheshire@...le.com, rs.ietf@....at, Jason_Livingood@...cast.com, vidhi_goel@...le.com Subject: Re: [PATCH v4 net-next 09/14] gro: prevent ACE field corruption & better AccECN handling On 10/21/24 23:59, chia-yu.chang@...ia-bell-labs.com wrote: > From: Ilpo Järvinen <ij@...nel.org> > > There are important differences in how the CWR field behaves > in RFC3168 and AccECN. With AccECN, CWR flag is part of the > ACE counter and its changes are important so adjust the flags > changed mask accordingly. > > Also, if CWR is there, set the Accurate ECN GSO flag to avoid > corrupting CWR flag somewhere. > > Signed-off-by: Ilpo Järvinen <ij@...nel.org> > Signed-off-by: Chia-Yu Chang <chia-yu.chang@...ia-bell-labs.com> > --- > net/ipv4/tcp_offload.c | 4 ++-- > 1 file changed, 2 insertions(+), 2 deletions(-) > > diff --git a/net/ipv4/tcp_offload.c b/net/ipv4/tcp_offload.c > index 0b05f30e9e5f..f59762d88c38 100644 > --- a/net/ipv4/tcp_offload.c > +++ b/net/ipv4/tcp_offload.c > @@ -329,7 +329,7 @@ struct sk_buff *tcp_gro_receive(struct list_head *head, struct sk_buff *skb, > th2 = tcp_hdr(p); > flush = (__force int)(flags & TCP_FLAG_CWR); > flush |= (__force int)((flags ^ tcp_flag_word(th2)) & > - ~(TCP_FLAG_CWR | TCP_FLAG_FIN | TCP_FLAG_PSH)); > + ~(TCP_FLAG_FIN | TCP_FLAG_PSH)); If I read correctly, if the peer is using RFC3168 and TSO_ECN, GRO will now pump into the stack twice the number of packets it was doing prior to this patch, am I correct? That is likely causing measurable performance regressions. > flush |= (__force int)(th->ack_seq ^ th2->ack_seq); > for (i = sizeof(*th); i < thlen; i += 4) > flush |= *(u32 *)((u8 *)th + i) ^ > @@ -405,7 +405,7 @@ void tcp_gro_complete(struct sk_buff *skb) > shinfo->gso_segs = NAPI_GRO_CB(skb)->count; > > if (th->cwr) > - shinfo->gso_type |= SKB_GSO_TCP_ECN; > + shinfo->gso_type |= SKB_GSO_TCP_ACCECN; If this packet is forwarded, it will not leverage TSO anymore - with current H/W. I think we need a way to enable this feature conditionally, but I fear another sysctl will be ugly and the additional conditionals will not be good for GRO. Smarter suggestions welcome ;) Cheers, Paolo > } > EXPORT_SYMBOL(tcp_gro_complete); >
Powered by blists - more mailing lists