lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Thu, 26 Sep 2013 06:49:43 -0700
From:	Eric Dumazet <eric.dumazet@...il.com>
To:	Chris Verges <cverges@...tient-energy.com>
Cc:	davem@...emloft.net, kuznet@....inr.ac.ru, jmorris@...ei.org,
	yoshfuji@...ux-ipv6.org, kaber@...sh.net, netdev@...r.kernel.org
Subject: Re: Established sockets remain open after iface down or address lost

On Wed, 2013-09-25 at 23:04 -0700, Chris Verges wrote:
> Hello all,
> 
> I've encountered a behavior that appears to be known, but am seeking
> some clarity on its rationale.  The scenario is as follows:
> 
>   (0) A TCP server socket listens on :: (v4/v6).
>   (1) Connect a USB/Ethernet adapter to a Linux system.
>   (2) Adapter is brought up as 'eth0' with an IP address.
>   (3) A remote TCP client connects to the server socket.
>   (4) 'netstat -anp' shows the socket as ESTABLISHED
>   (5) The TCP server starts a blocking read waiting for data.
>   (6) Physically disconnect the USB/Ethernet adapter from the USB bus.
>   (7) Linux removes the 'eth0' interface and associated IP address.
> 
> At this point, the socket _still_ shows as ESTABLISHED under netstat.
> 
> This is the paradox.  Why is the blocking read not interrupted with a
> socket error to indicate that the socket is no longer viable?

Because TCP layer is not sensitive to such temporary events.

You can plug again your iface, and IP is valid again.

Why should we give a permanent error for such case ?

If network communication is cut somewhere, TCP is not supposed to
immediately react. Normal timeouts and retransmits take place. 



--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ