lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Tue, 28 Feb 2012 15:38:36 +0400
From:	Michael Tokarev <mjt@....msk.ru>
To:	Eric Dumazet <eric.dumazet@...il.com>
CC:	netdev <netdev@...r.kernel.org>, David Miller <davem@...emloft.net>
Subject: Re: 3.0: unexpected route cache entry for wrong segment?

On 15.02.2012 17:03, Eric Dumazet wrote:
> Le mercredi 15 février 2012 à 16:57 +0400, Michael Tokarev a écrit :
> 
>> 3.0.21 included "net: fix NULL dereferences in check_peer_redir()" patch
>> (which is somewhat large(ish) - I wonder why it has been rolled into
>> single patch while in reality it consists of 7 commits; and I wonder
>> why the final result is different from current version in check_peer_redir()
>> routine, which I mentioned in my other email in this thread), but that
>> one does not seem to address this very issue - from a quick view anyway.
> 
> That was the tricky part handled by David.
> 
> We couldnt apply all needed commits without bringing too many things
> from recent kernels to 3.0  (out of stable scope)
> 
> If you believe a fix is needed, just shout :)

I think the a fix is needed.  I still don't understand where our
unexpected redirects are coming from, but we had two more occurences
of this very issue.  After applying the two patches:

7cc9150ebe8ec06cafea9f1c10d92ddacf88d8ae route: fix ICMP redirect validation
9cc20b268a5a14f5e57b8ad405a83513ab0d78dc ipv4: fix redirect handling

the issue does not occur anymore.  The system has been running this
kernel for almost 2 weeks now without any issue of this sort.

The first patch applies to 3.0 as it is, the second needs minor
backporting to 3.0.  I already sent the backported version, see
http://patchwork.ozlabs.org/patch/141316/ .

I'm not sure which of the two patches actually helps, but it appears
that both are needed.

Thanks,

/mjt
--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ