lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date:	Sun, 16 Dec 2012 23:32:08 +0100
From:	Pablo Neira Ayuso <pablo@...filter.org>
To:	Mukund Jampala <jbmukund@...il.com>
Cc:	netfilter-devel@...r.kernel.org, kadlec@...ckhole.kfki.hu,
	kaber@...sh.net, linux-kernel@...r.kernel.org
Subject: Re: problem: [PATCH] iptable_REJECT doesn't constructs the tcp
 reset packet cleanly

On Tue, Dec 11, 2012 at 01:58:02AM +0100, Pablo Neira Ayuso wrote:
[...]
> On Mon, Dec 10, 2012 at 12:48:49PM -0800, Mukund Jampala wrote:
> > problem description:
> > The problem occurs when iptables constructs the tcp reset packet.
> > It doesn't initialize the pointer to the tcp header within the skb.
> > When the skb is passed to the ixgbe driver for transmit, the ixgbe
> > driver attempts to access the tcp header and crashes.
> > Currently, other drivers (such as our 1G e1000e or igb drivers) don't
> > access the tcp header on transmit unless the TSO option is turned on.
[...]
> > Solution: set the skb->trasport_header to a valid data offset in ipt
> > reject module
> > 
> > diff -up net/ipv4/netfilter/ipt_REJECT.c{.orig,}
> > --- net/ipv4/netfilter/ipt_REJECT.c.orig	2012-12-10 12:08:37.000000000 -0800
> > +++ net/ipv4/netfilter/ipt_REJECT.c	2012-12-10 12:10:08.000000000 -0800
> > @@ -79,6 +79,8 @@ static void send_reset(struct sk_buff *o
> >  	niph->saddr	= oiph->daddr;
> >  	niph->daddr	= oiph->saddr;
> > 
> > +
> > +	skb_reset_transport_header(nskb);
> >  	tcph = (struct tcphdr *)skb_put(nskb, sizeof(struct tcphdr));
> >  	memset(tcph, 0, sizeof(*tcph));
> >  	tcph->source	= oth->dest;
> > 
> > Please let me know if you have any concerns with the patch.
> 
> This is a good and extensive diagnosing, thanks a lot.
> 
> Regarding your patch format, please, use git format-patch for your
> upcoming contributions and add the Signed-off-by tag to your patches.
> It makes
> 
> But for this time, I'll do the formatting myself and will take this
> into the nf tree.

I have also made the same change for ip6t_REJECT.

Applied, thanks Mukund.
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ