lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:	Mon, 06 Apr 2015 22:03:48 -0700
From:	Eric Dumazet <eric.dumazet@...il.com>
To:	Tom Herbert <tom@...bertland.com>
Cc:	David Miller <davem@...emloft.net>, netdev@...r.kernel.org,
	netfilter-devel@...r.kernel.org, pablo@...filter.org,
	hannes@...essinduktion.org,
	Jiří Pírko <jiri@...nulli.us>
Subject: Re: [PATCH 0/4] Prevent UDP tunnels from operating on garbage socket

On Mon, 2015-04-06 at 21:45 -0700, Tom Herbert wrote:
> On Mon, Apr 6, 2015 at 8:51 PM, David Miller <davem@...emloft.net> wrote:

> > I don't see what is convoluted about using the correct socket for
> > sending L3 protocol frames.  That's in fact how it's _supposed_ to
> > work.  And consistently having a proper matching socket available
> > makes it so that, long-term, we'll never have to deal with this issue
> > ever again.
> 
> I guess this is where I'm confused. We can send just about anything
> over GRE also, but have never needed a transmit socket for that. Is
> UDP encapsulation so different, or is GRE equally broken also? Also,
> will we need to add the socket to FOU and GUE then?

GRE encap is very low level (not L3), and no socket simply sends GRE
packets as is.

For example, when GSO support was extended, it was first extended to
GRE, and only later to other tunnels with more thinking about allowing
more sophisticated encap levels.


--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists