lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Tue, 11 Mar 2014 16:39:31 +0100
From:	Michal Kubecek <mkubecek@...e.cz>
To:	David Miller <davem@...emloft.net>
Cc:	hannes@...essinduktion.org, netdev@...r.kernel.org,
	kuznet@....inr.ac.ru, jmorris@...ei.org, yoshfuji@...ux-ipv6.org,
	kaber@...sh.net
Subject: Re: [PATCH net] ipv6: do not overwrite inetpeer metrics prematurely

On Tue, Mar 11, 2014 at 04:08:14PM +0100, Michal Kubecek wrote:
> > 
> > I also believe the function should return immediately if mx is null so
> > that we don't call dst_metrics_write_ptr() if no metrics are to be set
> > for the new route.
> 
> Not so easy... :-( This would cause a problem if a host route is changed
> twice in this way:
> 
>   ip route add fec0::1 dev eth0 rto_min 1000
>   ip route change fec0::1 dev eth0
>   ip route change fec0::1 dev eth0 hoplimit 10
> 
> First route has metrics in its inetpeer. This inetpeer is then inherited
> by the second route but the metrics in it are not used as its dst_entry
> points to the read-only default. But when it is replaced by the third
> version, it inherits the inetpeer and it is not cleaned up by
> ip6_cow_metrics() because it is not new.
> 
> What I ended up with is below. It uses the metrics in inetpeer if there
> is one even if the new host metric doesn't have any metrics to set (in
> which case it clears them first). I tested various scenarios and the
> results were correct.

This doesn't cover all cases either:

  ip route add fec0::1 dev eth0 rto_min 1000
  ip route delete fec0::1
  ip route add fec0::1 dev eth0
  ip route change fec0::1 dev eth0 hoplimit 10

This way the inetpeer with rto_min 1000 persists until the fourth
command but neither third nor fourth see old dst_entry with writeable
metrics.

I think changing the condition for copying in ip6_cow_metrics() would
do the trick but I better stop now and look at it again later with
a fresh mind.

                                                       Michal Kubecek

--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ