lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Sat, 14 Dec 2013 00:52:32 -0500 (EST)
From:	David Miller <davem@...emloft.net>
To:	timo.teras@....fi
Cc:	netdev@...r.kernel.org, pshelar@...ira.com
Subject: Re: [PATCH net] ip_gre: fix msg_name parsing for recvfrom/recvmsg

From: Timo Teras <timo.teras@....fi>
Date: Fri, 13 Dec 2013 08:08:44 +0200

> On Thu, 12 Dec 2013 15:34:29 -0500 (EST)
> David Miller <davem@...emloft.net> wrote:
> 
>> From: Timo Teräs <timo.teras@....fi>
>> Date: Thu, 12 Dec 2013 10:53:52 +0200
>> 
>> > ipgre_header_parse() needs to parse the tunnel's ip header for
>> > getting the link-layer addresses, and uses mac_header to get the
>> > header. This fixes setting mac_header on the receive path to
>> > original behaviour.
>> > 
>> > Bug added in commit c54419321455 (GRE: Refactor GRE tunneling code.)
>> > 
>> > Cc: Pravin B Shelar <pshelar@...ira.com>
>> > Signed-off-by: Timo Teräs <timo.teras@....fi>
>> > ---
>> > Alternate would be to do skb_reset_inner_headers() in
>> > ip_tunnel_rcv() and update ipgre_header_parse() to use
>> > skb_inner_network_header(). Though, then inner would then be
>> > referring to the "outer" headers.
>> > 
>> > If applied as-is, should go to -stable too.
>> 
>> Would skb_reset_mac_header() work just as equally?  I'd prefer that
>> over direct modification of skb->*_header values.
> 
> No. It was actually converted originally to skb_reset_mac_header() but
> that led to problems. See commit 1d0691674764098304ae4c63c715f588.
> 
> When ipgre_rcv is entered, the outer iphdr has been already pulled,
> thus head points to the GRE header. So skb_reset_mac_header() would
> make it point at the GRE header instead of the desired outer IP header.
> 
> But I agree that it'd be better to use helpers. That's why I suggested
> the skb_reset_inner_headers() as an alternative. But as it's slightly
> more intrusive approach, I opted to just restore the original assignment
> as first suggestion.

Just make a helper that does this mac_header = network_header thing,
call it something like "skb_pop_mac_header(skb)" and the make the ip_gre
code use it.

Thanks.
--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ