lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Fri, 15 Aug 2014 02:43:58 +0200 From: Hannes Frederic Sowa <hannes@...essinduktion.org> To: Eric Dumazet <eric.dumazet@...il.com>, Daniel Borkmann <dborkman@...hat.com>, Neil Horman <nhorman@...driver.com>, Jesper Dangaard Brouer <brouer@...hat.com>, David Miller <davem@...emloft.net> Cc: netdev <netdev@...r.kernel.org> Subject: Re: [RFC] packet: handle too big packets for PACKET_V3 Hi Eric, On Fri, Aug 15, 2014, at 02:09, Eric Dumazet wrote: > It looks like PACKET_V3 has no check that a packet can always fit in a > block. > > Its trivial with GRO to break the assumption and write into kernel > memory. > > [...] > > Not sure how to fix this. > > This patch only shows where the problem is, but should we : > > 1) drop the too long packet Someone could use GRO to create packet trains to hide from intrustion detection systems, which maybe are the main user of TPACKET_V3. I don't think this is a good idea. > 2) clamp size to maximal admissible size Maybe. > 3) other solution ? (PACKET_V2 can queue a clone of skb in > receive_queue, but PACKET_V3 has no such capability) 4) Can we still try to skb_gso_segment the packet again? Not nice, but I guess this will work. Maybe depending on a tunable (default to on)? Bye, Hannes -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists