lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date:	Wed, 21 Apr 2010 16:07:50 +0200
From:	Sylvain Rochet <gradator@...dator.net>
To:	Willy Tarreau <w@....eu>
Cc:	linux-kernel@...r.kernel.org
Subject: Re: PROBLEM: 2.4.37.9 destroying an Ethernet interface with permanent NUD leaves the kernels with undestroyable interfaces when ATM is compiled in

Hi Willy,

On Tue, Apr 20, 2010 at 07:11:25AM +0200, Willy Tarreau wrote:
> Hi Sylvain,
> 
> indeed, you've hit a real bug. It reminds me of the sad days I
> was forced to use IPoA over a USB modem to access the net. The
> tiniest config error required a reboot to fix it :-/
> 
> Your fix looks right at first glance, but I'll review it deeper
> before merging it, though it should be OK since 2.6 is similar.
> 
> BTW, is there any reason why you're stuck on 2.4 ? Are you using
> some vendor-specific drivers which are not in 2.6, did you not
> have the time to upgrade yet, or did you not find a long enable
> support for 2.6 releases ? Or anything else ?
> 
> I'm asking because whatever keeps users in 2.4 should be addressed
> one way or another (probably via some doc to add in 2.4 BTW).

Well, if that were only me, this would be a 2.6 kernel, actually one of 
our new xDSL collect provider use Linux routers on operator customer 
edge and they are still using 2.4 kernels. This is going to change 
soon, but well, I discovered that there was this bug, I could not left 
it uncorrected, even on the 2.4 kernel ;-)

I am not sure if collect routers are also used elsewhere than in France. 
This is the server where PPP/L2TP tunnels or VP/VC ATM are ended, so 
that all operators use the same national networks and simply use PPP 
tunnels from xDSL customer to Internet operator router, using Radius, 
PPPoE, PPPoA, L2TP, and PPP protocol to do the authentication, find and 
reach the endpoint.

By the way, the patch also fix another issue, when an interface with 
dynamic NUDs is set to link down sate, you have to wait that NUDs 
entries expire before setting the interface back to link up state. This 
is obvious because dynamic NUDs entries are not cleared when 
neigh_ifdown() is called.

Regards,
Sylvain

Download attachment "signature.asc" of type "application/pgp-signature" (190 bytes)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ