| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 31 Jan 2012 14:33:48 +0100
From: Eric Dumazet <eric.dumazet@...il.com>
To: Shawn Lu <shawn.lu@...csson.com>
Cc: "davem@...emloft.net" <davem@...emloft.net>,
"netdev@...r.kernel.org" <netdev@...r.kernel.org>,
"xiaoclu@...il.com" <xiaoclu@...il.com>
Subject: RE: [PATCH] tcp: md5: fix md5 RST when both sides have listener
Le mardi 31 janvier 2012 à 10:05 +0100, Eric Dumazet a écrit :
> Hmm... The second problem is that its not safe to call
> tcp_v4_md5_do_lookup() on an unlocked socket.
>
> And locking a listener is way too expensive, since a listener socket is
> already a contention point.
>
> An attacker could send forged tcp md5 packets to slow down a server.
>
> A proper patch needs RCU conversion first.
I am working on this RCU conversion and big md5 cleanup, using a single
list of keys.
You can then add your fix on top of this work.
union tcp_md5_addr {
struct in_addr a4;
#if IS_ENABLED(CONFIG_IPV6)
struct in6_addr a6;
#endif
};
/* - key database */
struct tcp_md5sig_key {
struct hlist_node node;
u8 keylen;
u8 family; /* AF_INET or AF_INET6 */
union tcp_md5_addr addr;
u8 key[TCP_MD5SIG_MAXKEYLEN];
struct rcu_head rcu;
};
/* - sock block */
struct tcp_md5sig_info {
struct hlist_head head;
};
--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists