lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Tue, 21 Sep 2010 10:34:33 +0200
From:	Eric Dumazet <eric.dumazet@...il.com>
To:	Amit Salecha <amit.salecha@...gic.com>
Cc:	David Miller <davem@...emloft.net>,
	"netdev@...r.kernel.org" <netdev@...r.kernel.org>,
	Ameen Rahman <ameen.rahman@...gic.com>,
	Anirban Chakraborty <anirban.chakraborty@...gic.com>
Subject: RE: [PATCH] qlcnic: dont assume NET_IP_ALIGN is 2

Le mardi 21 septembre 2010 à 03:19 -0500, Amit Salecha a écrit :
> 
> > -----Original Message-----
> > From: David Miller [mailto:davem@...emloft.net]
> > Sent: Monday, September 20, 2010 9:29 PM
> > To: Amit Salecha
> > Cc: eric.dumazet@...il.com; netdev@...r.kernel.org; Ameen Rahman;
> > Anirban Chakraborty
> > Subject: Re: [PATCH] qlcnic: dont assume NET_IP_ALIGN is 2
> > 
> > From: Amit Salecha <amit.salecha@...gic.com>
> > Date: Mon, 20 Sep 2010 06:16:31 -0500
> > 
> > > Though I have one doubt. We are allocating larger packets than the
> > actual data used.
> > > Doesn't it will break accounting ?
> > 
> > No, it will "fix" accounting.
> > 
> > You must charge to the SKB all of the non-shared memory that was
> > allocated to the SKB.
> > 
> > This means even if the packet only uses 128 bytes of the SKB
> > data area, you must still account for the full blob of linear
> > memory that was allocated for the SKB data area in skb->truesize.
> > 
> > Otherwise remote attackers could consume enormous amounts of memory by
> > tricking our socket accounting via carefully sized packets.
> 
> Wont this affect throughput ?
> As problem discuss in this thread http://www.mail-archive.com/netdev@vger.kernel.org/msg06848.html, it can affect tcp window scaling.
> 

Amit, if you believe this is a problem, you should address it for all
NICS, not only qlcnic.

Qlcnic was lying to stack, because it consumed 2Kbytes blocs and
pretended they were consuming skb->len bytes.
(assuming MTU=1500, problem is worse if MTU is bigger)

So in order to improve "throughput", you were allowing for memory
exhaust and freeze of the _machine_ ?



--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ