lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:	Wed, 22 Oct 2008 15:09:40 +0300 (EEST)
From:	"Ilpo Järvinen" <ilpo.jarvinen@...sinki.fi>
To:	Aldo Maggi <sentiniate@...cali.it>
cc:	David Miller <davem@...emloft.net>, jarkao2@...il.com,
	Netdev <netdev@...r.kernel.org>,
	bugme-daemon@...zilla.kernel.org, olon@...izon.net
Subject: Re: two other cases Re: [Bug 11721] after upgrade to 2.6.27 i cannot
 navigate

On Wed, 22 Oct 2008, Aldo Maggi wrote:

> Il giorno Wed, 22 Oct 2008 13:00:01 +0300 (EEST)
> "Ilpo Järvinen" <ilpo.jarvinen@...sinki.fi> ha scritto:
> 
> [...]
> 
> > 
> > It would be nice for Aldo to check what the result will be with my
> > second patch (only) using sack=1,ts=0,wscale=0. I guess it does but
> > it's a bit unclear if nop's in front help or not (having the patch
> > below should anyway help also in that case as the mss option gets
> > moved before it anyway).
> 
> in order to avoid misunderstandings, i list herebelow my actions:
> 
> i've used on paperino the kernel 2.6.27.2 patched with ilpo's
> 21.10.2008 patch (see please comment 47 in
> http://bugzilla.kernel.org/show_bug.cgi?id=11721, and NOT with the patch
> contained in comment 58, right?)

Yes, you understood me correctly. This was more or less for completeleness 
test only, to see if the nop's make any difference or not. You found out 
that they do which seemed the more sensible alternative anyway.

> i've modified the following files:
> echo 0 > /proc/sys/net/ipv4/tcp_window_scaling
> echo 0 > /proc/sys/net/ipv4/tcp_timestamps
> echo 1 > /proc/sys/net/ipv4/tcp_sack
> 
> the results are that i CAN navigate (w3m kernel.org) and update my
> system (apt-get update in debian).
>
> should it be of any help to ilpo, i attach the usual tcpdump on the wan
> eth of topolino (my home server/gw)

...It confirms that you made the right test. :-)

So only thing that was problem in your case is that sackOK option (or 
SACK_PERM in code notation) couldn't begin TCP options. With any other 
option as the first one, including nop, it does work. Thanks for all the 
testing you made and reporting it in the first place.

We'll put the latest patch (from comment #58) and it soon makes to 
2.6.28-rcsomething and hopefully with a semi-short delay to some
2.6.27.y, whichever y is appropriate at that time. I hope that the
ubuntu kernel people will then include that as well but it's beoynd
my control what they do.

Thanks again.

-- 
 i.

Powered by blists - more mailing lists