lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Tue, 01 May 2007 13:54:03 -0400 From: John Heffner <jheffner@....edu> To: Benjamin LaHaise <bcrl@...ck.org> CC: Evgeniy Polyakov <johnpol@....mipt.ru>, David Miller <davem@...emloft.net>, netdev@...r.kernel.org Subject: Re: [PATCH] TCP FIN gets dropped prematurely, results in ack storm Benjamin LaHaise wrote: >> According to your patch, several packets with fin bit might be sent, >> including one with data. If another host does not receive fin >> retransmit, then that logic is broken, and it can not be fixed by >> duplicating fins, I would even say, that remote box should drop second >> packet with fin, while it can carry data, which will break higher >> connection logic. > > The FIN hasn't been ack'd by the other side, though and yet Linux is no > longer transmitting packets with it sent. Read the beginning of the trace. I agree completely with Evgeniy. The patch you sent would cause bad breakage by sending the FIN bit on segments with different sequence numbers. Looking at your trace, it seems like the behavior of the test system 192.168.2.2 is broken in two ways. First, like you said it has broken state in that it has forgotten that it sent the FIN. Once you do that, the connection state is corrupt and all bets are off. It's sending an out-of-window segment that's getting tossed by Linux, and Linux generates an ack in response. This is in direct RFC compliance. The second problem is that the other system is generating these broken acks in response to the legitimate acks Linux is sending, causing the ack war. I can't really guess why it's doing that... You might be able to change Linux to prevent this ack war, but doing so would break RFC compliance, and given the buggy nature of the other end, it sounds to me like a bad idea. -John - To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists