lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Mon, 17 May 2021 08:57:16 +0200
From:   Pavel Machek <pavel@...x.de>
To:     Paolo Abeni <pabeni@...hat.com>
Cc:     Pavel Machek <pavel@...x.de>,
        Greg Kroah-Hartman <gregkh@...uxfoundation.org>,
        linux-kernel@...r.kernel.org, stable@...r.kernel.org,
        Willem de Bruijn <willemb@...gle.com>,
        "David S. Miller" <davem@...emloft.net>,
        Sasha Levin <sashal@...nel.org>
Subject: Re: [PATCH 5.10 380/530] udp: never accept GSO_FRAGLIST packets

Hi!

> > > From: Paolo Abeni <pabeni@...hat.com>
> > > 
> > > [ Upstream commit 78352f73dc5047f3f744764cc45912498c52f3c9 ]
> > > 
> > > Currently the UDP protocol delivers GSO_FRAGLIST packets to
> > > the sockets without the expected segmentation.
> > > 
> > > This change addresses the issue introducing and maintaining
> > > a couple of new fields to explicitly accept SKB_GSO_UDP_L4
> > > or GSO_FRAGLIST packets. Additionally updates  udp_unexpected_gso()
> > > accordingly.
> > > 
> > > UDP sockets enabling UDP_GRO stil keep accept_udp_fraglist
> > > zeroed.
> > 
> > What is going on here? accept_udp_fraglist variable is read-only.
> 
> Thank you for checking this!
> 
> The 'accept_udp_fraglist' field is implicitly initilized to zero at UDP
> socket allocation time (done by sk_alloc).
> 
> So this patch effectively force segmentation of SKB_GSO_FRAGLIST
> packets via the udp_unexpected_gso() helper.
> 
> We introduce the above field instead of unconditionally
> segmenting SKB_GSO_FRAGLIST, because the next patch will use it (to
> avoid unneeded segmentation for performance's sake for UDP tunnel), as
> you noted.

Ok, but there's no follow up patch queued for 5.10...? Do we still
need it there?

Best regards,
								Pavel
-- 
DENX Software Engineering GmbH,      Managing Director: Wolfgang Denk
HRB 165235 Munich, Office: Kirchenstr.5, D-82194 Groebenzell, Germany

Download attachment "signature.asc" of type "application/pgp-signature" (182 bytes)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ