lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20120725112701.GB4366@hmsreliant.think-freely.org>
Date:	Wed, 25 Jul 2012 07:27:01 -0400
From:	Neil Horman <nhorman@...driver.com>
To:	Xufeng Zhang <xufengzhang.main@...il.com>
Cc:	Vlad Yasevich <vyasevich@...il.com>,
	xufeng zhang <xufeng.zhang@...driver.com>, sri@...ibm.com,
	davem@...emloft.net, linux-sctp@...r.kernel.org,
	netdev@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH] sctp: Make "Invalid Stream Identifier" ERROR follows
 SACK when bundling

On Wed, Jul 25, 2012 at 05:22:19PM +0800, Xufeng Zhang wrote:
> On 7/25/12, Xufeng Zhang <xufengzhang.main@...il.com> wrote:
> > On 7/25/12, Vlad Yasevich <vyasevich@...il.com> wrote:
> >>
> >> Actually not true.  AUTH can be before SACK.  So can any addip chunks
> >> that
> >> aid in locating an association.
> >>
> >> Now AUTH isn't a big issue since its autogenerated to the packet but
> >> ADDIP
> >> is since it could be queued up for retransmission.
> >>
> >> There could be other extensions as well.  It really needs to be done
> >> either
> >> through side effects or making error chunks go at the end of other
> >> control
> >> chunks.  Need to audit the spec to see if that's ok.
> > You are right, I just found SHUTDOWN chunks are also before SACK based on
> > your commit "[SCTP]: Fix SACK sequence during shutdown".
> > Maybe the only solution is to do some work on side effects just as you
> > said.
> > Thanks for your explanation!
> 
> And after take a moment to look into the relative codes, I think we
> can implement it
> by below way:
> 1). Add a flag(isi_err_needed) in the embedded struct peer of struct
> struct sctp_association
> just like sack_needed flag.
> 2). When "invalid stream identifier" ERROR happens in sctp_eat_data()
> function, we just
> set isi_err_needed flag and don't create ERROR chunk and also don't
> insert SCTP_CMD_REPLY command.
> 3). In sctp_gen_sack() function, we create ERROR chunk and also insert
> SCTP_CMD_REPLY command if isi_err_needed flag is set.
> 
> Is this way proper?
> 
That would probably work yes.  Another way might just be to do some re-ordering
in sctp_outq_flush.  Before processing the control chunk list, scan it, and:
1) move all error chunks to the head of the list
2) move all sack chunks to the head of the list
3) move all shutdown chunks to the head of the list

You can do that in a single iteration of the list if you use a few on-stack
lists and list_splice

Neil

> 
> Thanks,
> Xufeng Zhang
> >
> >
> >
> > Thanks,
> > Xufeng Zhang
> >>
> >> -vlad
> >>>
> >>>Thanks,
> >>>Xufeng Zhang
> >>>>
> >>>> -vlad
> >>
> >>
> >> --
> >> Sent from my Android phone with SkitMail. Please excuse my brevity.
> >>
> >
> 
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ