lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Mon, 1 Jul 2013 15:18:39 +0300
From:	Timo Teras <timo.teras@....fi>
To:	Pravin Shelar <pshelar@...ira.com>
Cc:	netdev@...r.kernel.org
Subject: Re: [PATCH net v2] ip_tunnels: Use skb-len to PMTU check.

On Mon, 1 Jul 2013 00:06:22 -0700
Pravin Shelar <pshelar@...ira.com> wrote:

> On Sun, Jun 30, 2013 at 11:41 PM, Timo Teras <timo.teras@....fi>
> wrote:
> > On Sun, 30 Jun 2013 23:30:32 -0700
> > Pravin B Shelar <pshelar@...ira.com> wrote:
> >
> >> In path mtu check, ip header total length works for gre device
> >> but not for gre-tap device.  Use skb len which is consistent
> >> for all tunneling types.  This is old bug in gre.
> >> This also fixes mtu calculation bug introduced by
> >> commit c54419321455631079c7d (GRE: Refactor GRE tunneling code).
> >>
> >> Reported-by: Timo Teras <timo.teras@....fi>
> >> Signed-off-by: Pravin B Shelar <pshelar@...ira.com>
> >> ---
> >> v1-v2:
> >>  - Fix pmtu set.
> >>  - This patch also restructures code which help couple of
> >>    improvements I have.
> >
> > Looks good to me. One additional comment below.
> >
> >> diff --git a/net/ipv4/ip_tunnel.c b/net/ipv4/ip_tunnel.c
> >> index 7fa8f08..ae5b78c 100644
> >> --- a/net/ipv4/ip_tunnel.c
> >> +++ b/net/ipv4/ip_tunnel.c
> >> @@ -486,6 +486,53 @@ drop:
> >>  }
> >>  EXPORT_SYMBOL_GPL(ip_tunnel_rcv);
> >>
> >> +static int tnl_update_pmtu(struct net_device *dev, struct sk_buff
> >> *skb,
> >> +                         struct rtable *rt, __be16 df)
> >> +{
> >> +     struct ip_tunnel *tunnel = netdev_priv(dev);
> >> +     int pkt_size = skb->len - tunnel->hlen;
> >> +     int mtu;
> >> +
> >> +     if (df)
> >> +             mtu = dst_mtu(&rt->dst) - dev->hard_header_len
> >> +                                     - sizeof(struct iphdr) -
> >> tunnel->hlen;
> >> +     else
> >> +             mtu = skb_dst(skb) ? dst_mtu(skb_dst(skb)) :
> >> dev->mtu; +
> >> +     if (skb_dst(skb))
> >> +             skb_dst(skb)->ops->update_pmtu(skb_dst(skb), NULL,
> >> skb, mtu); +
> >
> > Since mtu can change for skb_dst() only if df is set, would it make
> > sense to move the whole update_pmtu call inside if (df) {} block?
> >
> I am not sure abt that. Other events can change mtu.
> anyways I think it would be better to have separate patch for that if
> required. This patch already fixes two (related) issues.

Fair enough.

Acked-by: Timo Teräs <timo.teras@....fi>

--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ