Re: [PATCH 3.2 085/115] veth: donât modify ip_summed; doing so treats packets with bad checksums as good.

From: Vijay Pandurangan
Date: Sat Apr 30 2016 - 18:01:56 EST

Next message: Matt Fleming: "Re: [BUG] x86/efi: MMRs no longer properly mapped after switch to isolated page table"
Previous message: Andy Lutomirski: "Re: [PATCH] Cleanup __pvclock_read_cycles to remove useless variables"
In reply to: Ben Greear: "Re: [PATCH 3.2 085/115] veth: donât modify ip_summed; doing so treats packets with bad checksums as good."
Next in thread: Ben Greear: "Re: [PATCH 3.2 085/115] veth: donât modify ip_summed; doing so treats packets with bad checksums as good."
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Sat, Apr 30, 2016 at 5:52 PM, Ben Greear <greearb@xxxxxxxxxxxxxxx> wrote:
>>
>> Good point, so if you had:
>>
>> eth0 <-> raw <-> user space-bridge <-> raw <-> vethA <-> veth B <->
>> userspace-stub <->eth1
>>
>> and user-space hub enabled this elide flag, things would work, right?
>> Then, it seems like what we need is a way to tell the kernel
>> router/bridge logic to follow elide signals in packets coming from
>> veth. I'm not sure what the best way to do this is because I'm less
>> familiar with conventions in that part of the kernel, but assuming
>> there's a way to do this, would it be acceptable?
>
>
> You cannot receive on one veth without transmitting on the other, so
> I think the elide csum logic can go on the raw-socket, and apply to packets
> in the transmit-from-user-space direction. Just allowing the socket to make
> the veth behave like it used to before this patch in question should be good
> enough, since that worked for us for years. So, just an option to modify
> the
> ip_summed for pkts sent on a socket is probably sufficient.

I don't think this is right. Consider:

- App A sends out corrupt packets 50% of the time and discards inbound data.
- App B doesn't care about corrupt packets and is happy to receive
them and has some way of dealing with them (special case)
- App C is a regular app, say nc or something.

In your world, where A decides what happens to data it transmits,
then
A<--veth-->B and A<---wire-->B will have the same behaviour

but

A<-- veth --> C and A<-- wire --> C will have _different_ behaviour: C
will behave incorrectly if it's connected over veth but correctly if
connected with a wire. That is a bug.

Since A cannot know what the app it's talking to will desire, I argue
that both sides of a message must be opted in to this optimization.

>
>>> There may be no sockets on the vethB port. And reader/writer is not
>>> a good way to look at it since I am implementing a bi-directional bridge
>>> in
>>> user-space and each packet-socket is for both rx and tx.
>>
>>
>> Sure, but we could model a bidrectional connection as two
>> unidirectional sockets for our discussions here, right?
>
>
> Best not to I think, you want to make sure that one socket can
> correctly handle tx and rx. As long as that works, then using
> uni-directional sockets should work too.
>
>
> Thanks,
> Ben
>
> --
> Ben Greear <greearb@xxxxxxxxxxxxxxx>
> Candela Technologies Inc http://www.candelatech.com

Next message: Matt Fleming: "Re: [BUG] x86/efi: MMRs no longer properly mapped after switch to isolated page table"
Previous message: Andy Lutomirski: "Re: [PATCH] Cleanup __pvclock_read_cycles to remove useless variables"
In reply to: Ben Greear: "Re: [PATCH 3.2 085/115] veth: donât modify ip_summed; doing so treats packets with bad checksums as good."
Next in thread: Ben Greear: "Re: [PATCH 3.2 085/115] veth: donât modify ip_summed; doing so treats packets with bad checksums as good."
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]