lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Mon, 17 Mar 2014 00:20:56 +0100 From: Hannes Frederic Sowa <hannes@...essinduktion.org> To: Xin Long <lucien.xin@...il.com> Cc: network dev <netdev@...r.kernel.org>, Gao feng <gaofeng@...fujitsu.com> Subject: Re: [PATCH v2] ipv6: ip6_append_data_mtu do not handle the mtu of the second fragment properly Hi! On Sun, Mar 16, 2014 at 12:50:57PM +0800, Xin Long wrote: > In ip6_append_data_mtu(), when the xfrm mode is not tunnel(such as > transport),the ipsec header need to be added in the first fragment, so the mtu > will decrease to reserve space for it, then the second fragment come, the mtu > should be turn back, as the commit 0c1833797a5a6ec23ea9261d979aa18078720b74 > said. however, in the commit a493e60ac4bbe2e977e7129d6d8cbb0dd236be, it use > *mtu = min(*mtu, ...) to change the mtu, which lead to the new mtu is alway > equal with the first fragment's. and cannot turn back. > > when I test through ping6 -c1 -s5000 $ip (mtu=1280): > ...frag (0|1232) ESP(spi=0x00002000,seq=0xb), length 1232 > ...frag (1232|1216) > ...frag (2448|1216) > ...frag (3664|1216) > ...frag (4880|164) > > which should be: > ...frag (0|1232) ESP(spi=0x00001000,seq=0x1), length 1232 > ...frag (1232|1232) > ...frag (2464|1232) > ...frag (3696|1232) > ...frag (4928|116) > > so delete the min() when change back the mtu. While the patch looks good it does not seem to apply cleanly on net. Maybe you could have a look? Thanks, Hannes -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists