lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Mon, 19 Apr 2010 11:55:35 +0800
From:	Herbert Xu <herbert@...dor.apana.org.au>
To:	Shan Wei <shanwei@...fujitsu.com>
Cc:	David Miller <davem@...emloft.net>,
	"yoshfuji@...ux-ipv6.org >> YOSHIFUJI Hideaki" 
	<yoshfuji@...ux-ipv6.org>,
	魏勇军 <yjwei@...fujitsu.com>,
	vladislav.yasevich@...com, kuznet@....inr.ac.ru, pekkas@...core.fi,
	jmorris@...ei.org, Patrick McHardy <kaber@...sh.net>,
	eric.dumazet@...il.com, sri@...ibm.com,
	"netdev@...r.kernel.org" <netdev@...r.kernel.org>,
	linux-sctp@...r.kernel.org
Subject: Re: [PATCH BUG-FIX] ipv6: allow to send packet after receiving
	ICMPv6 Too Big message with MTU field less than  IPV6_MIN_MTU

On Mon, Apr 19, 2010 at 10:58:22AM +0800, Shan Wei wrote:
> 
> According to RFC2460, PMTU is set to the IPv6 Minimum Link
> MTU (1280) and a fragment header should always be included
> after a node receiving Too Big message reporting PMTU is
> less than the IPv6 Minimum Link MTU.
> 
> After receiving a ICMPv6 Too Big message reporting PMTU is
> less than the IPv6 Minimum Link MTU, sctp *can't* send any
> data/control chunk that total length including IPv6 head 
> and IPv6 extend head is less than IPV6_MIN_MTU(1280 bytes).
> 
> The failure occured in p6_fragment(), about reason 
> see following(take SHUTDOWN chunk for example):
> sctp_packet_transmit (SHUTDOWN chunk, len=16 byte)
> |------sctp_v6_xmit (local_df=0)
>    |------ip6_xmit
>        |------ip6_output (dst_allfrag is ture)
>            |------ip6_fragment
> 
> In ip6_fragment(), for local_df=0, drops the the packet
> and returns EMSGSIZE.
> 
> The patch fixes it with adding check length of skb->len.
> In this case, Ipv6 not to fragment upper protocol data,
> just only add a fragment header before it. 
> 
> Signed-off-by: Shan Wei <shanwei@...fujitsu.com>

The patch looks good to me.

If we wanted to optimise the allfrags case it may be better
to reserve the space beforehand and generate the fragment header
at the same time as we're doing the IPv6 header.

But it can't be all that important as it's been broken for so
many years.

Thanks,
-- 
Visit Openswan at http://www.openswan.org/
Email: Herbert Xu ~{PmV>HI~} <herbert@...dor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ