lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date:	Wed, 24 Jan 2007 19:39:21 +0900
From:	Masahide NAKAMURA <nakam@...ux-ipv6.org>
To:	David Miller <davem@...emloft.net>
Cc:	herbert@...dor.apana.org.au, yoshfuji@...ux-ipv6.org,
	takamiya@...ntts.co.jp, netdev@...r.kernel.org
Subject: Re: [IPV6] RAW: Add checksum default defines for MH.

David Miller wrote:
> From: Herbert Xu <herbert@...dor.apana.org.au>
> Date: Wed, 24 Jan 2007 17:56:23 +1100
> 
>> David Miller <davem@...emloft.net> wrote:
>>> Did a complete agreement occur that this patch is ok?
>> My only concern is that we're putting an arbitrary list of
>> protocols in the generic raw.c.  What's the justification
>> for including these protocols in particular but not others?
>>
>> Is there any reason why the application can't just use the
>> existing IPV6_CHECKSUM socket option to set the same fields?
> 
> My understanding in the MH case is that the kernel is going
> to make changes to the header that the user can't predict
> and thus it's impossible for them to set the correct checksum.

Yes, kernel will change the IPv6 header address, however,
actually it is possible to compute MH checksum by user-space
since final address (=home address) is seen by application
on both sending and receiving case and the checksum is calculated
by the address. It is true user can use IPV6_CHECKSUM option
to set the same fields.
(FYI, it is failed to validate MH checksum with IPv6 header
address on wire (or before parsing extension headers) for such
Mobile IPv6 routing optimized packet).

So this fix is not mandatory feature for kernel.
This patch just relaxes user application like ICMPv6 case
then we can cancel this if it is too much.

Thanks for taking care of this again, guys.

-- 
Masahide NAKAMURA
-
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ