lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Message-Id: <20240921215410.638664-1-littlesmilingcloud@gmail.com>
Date: Sun, 22 Sep 2024 00:54:11 +0300
From: Anton Danilov <littlesmilingcloud@...il.com>
To: netdev@...r.kernel.org
Cc: Anton Danilov <littlesmilingcloud@...il.com>,
	"David S. Miller" <davem@...emloft.net>,
	David Ahern <dsahern@...nel.org>,
	Eric Dumazet <edumazet@...gle.com>,
	Jakub Kicinski <kuba@...nel.org>,
	Paolo Abeni <pabeni@...hat.com>,
	Suman Ghosh <sumang@...vell.com>,
	Shigeru Yoshida <syoshida@...hat.com>,
	linux-kernel@...r.kernel.org
Subject: [RFC PATCH net] ipv4: ip_gre: Fix drops of small packets in ipgre_xmit

Regression Description:

Depending on the GRE tunnel device options, small packets are being
dropped. This occurs because the pskb_network_may_pull function fails due
to insufficient space in the network header. For example, if only the key
option is specified for the tunnel device, packets of sizes up to 27
(including the IPv4 header itself) will be dropped. This affects both
locally originated and forwarded packets.

How to reproduce (for local originated packets):

  ip link add dev gre1 type gre ikey 1.9.8.4 okey 1.9.8.4 \
          local <your-ip> remote <any-ip>

  ip link set mtu 1400 dev gre1
  ip link set up dev gre1
  ip address add 192.168.13.1/24 dev gre1
  ping -s 1374 -c 10 192.168.13.2
  tcpdump -vni gre1
  tcpdump -vni <your-ext-iface> 'ip proto 47'
  ip -s -s -d link show dev gre1

Solution:

Use the pskb_may_pull function instead the pskb_network_may_pull.

Fixes: 80d875cfc9d3 ("ipv4: ip_gre: Avoid skb_pull() failure in ipgre_xmit()")

Signed-off-by: Anton Danilov <littlesmilingcloud@...il.com>
---
 net/ipv4/ip_gre.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/net/ipv4/ip_gre.c b/net/ipv4/ip_gre.c
index 5f6fd382af38..115272ba2726 100644
--- a/net/ipv4/ip_gre.c
+++ b/net/ipv4/ip_gre.c
@@ -664,7 +664,7 @@ static netdev_tx_t ipgre_xmit(struct sk_buff *skb,
 
 		tnl_params = (const struct iphdr *)skb->data;
 
-		if (!pskb_network_may_pull(skb, pull_len))
+		if (!pskb_may_pull(skb, pull_len))
 			goto free_skb;
 
 		/* ip_tunnel_xmit() needs skb->data pointing to gre header. */
-- 
2.39.2

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ