| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 14 Dec 2017 00:57:32 +0100
From: Matthias Schiffer <mschiffer@...verse-factory.net>
To: Stefano Brivio <sbrivio@...hat.com>
Cc: "David S . Miller" <davem@...emloft.net>, netdev@...r.kernel.org,
Junhan Yan <juyan@...hat.com>, Jiri Benc <jbenc@...hat.com>,
Hangbin Liu <haliu@...hat.com>
Subject: Re: [PATCH net] vxlan: Restore initial MTU setting based on lower
device
On 12/13/2017 11:37 PM, Stefano Brivio wrote:
> Commit a985343ba906 ("vxlan: refactor verification and
> application of configuration") introduced a change in the
> behaviour of initial MTU setting: earlier, the MTU for a link
> created on top of a given lower device, without an initial MTU
> specification, was set to the MTU of the lower device minus
> headroom as a result of this path in vxlan_dev_configure():
>
> if (!conf->mtu)
> dev->mtu = lowerdev->mtu -
> (use_ipv6 ? VXLAN6_HEADROOM : VXLAN_HEADROOM);
>
> which is now gone. Now, the initial MTU, in absence of a
> configured value, is simply set by ether_setup() to ETH_DATA_LEN
> (1500 bytes).
>
> This breaks userspace expectations in case the MTU of
> the lower device is higher than 1500 bytes minus headroom.
>
> Restore the previous behaviour by calculating, for a new link,
> the MTU from the lower device, if present, and if no value is
> explicitly configured.
>
> Reported-by: Junhan Yan <juyan@...hat.com>
> Fixes: a985343ba906 ("vxlan: refactor verification and application of configuration")
> Signed-off-by: Stefano Brivio <sbrivio@...hat.com>
> ---
> I guess this should be queued up for -stable, back to 4.13.
>
> I'm actually introducing the third occurrence of this calculation (there's
> another one in vxlan_config_apply(), and one in vxlan_change_mtu()). I would
> anyway fix the userspace breakage first, and then plan on getting rid of several
> bits of MTU logic duplication, which spans further than this.
As you note, there is another occurrence of this calculation in
vxlan_config_apply():
[...]
if (lowerdev) {
[...]
max_mtu = lowerdev->mtu - (use_ipv6 ? VXLAN6_HEADROOM :
VXLAN_HEADROOM);
}
if (dev->mtu > max_mtu)
dev->mtu = max_mtu;
[...]
Unless I'm overlooking something, this should already do the same thing and
your patch is redundant.
Regards,
Matthias
>
> drivers/net/vxlan.c | 3 +++
> 1 file changed, 3 insertions(+)
>
> diff --git a/drivers/net/vxlan.c b/drivers/net/vxlan.c
> index 19b9cc51079e..3a7e36cdf2c7 100644
> --- a/drivers/net/vxlan.c
> +++ b/drivers/net/vxlan.c
> @@ -3085,6 +3085,9 @@ static void vxlan_config_apply(struct net_device *dev,
>
> if (conf->mtu)
> dev->mtu = conf->mtu;
> + else if (lowerdev)
> + dev->mtu = lowerdev->mtu - (use_ipv6 ? VXLAN6_HEADROOM :
> + VXLAN_HEADROOM);
>
> vxlan->net = src_net;
> }
>
Download attachment "signature.asc" of type "application/pgp-signature" (834 bytes)
Powered by blists - more mailing lists