lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Wed, 22 Oct 2008 15:09:40 +0300 (EEST) From: "Ilpo Järvinen" <ilpo.jarvinen@...sinki.fi> To: Aldo Maggi <sentiniate@...cali.it> cc: David Miller <davem@...emloft.net>, jarkao2@...il.com, Netdev <netdev@...r.kernel.org>, bugme-daemon@...zilla.kernel.org, olon@...izon.net Subject: Re: two other cases Re: [Bug 11721] after upgrade to 2.6.27 i cannot navigate On Wed, 22 Oct 2008, Aldo Maggi wrote: > Il giorno Wed, 22 Oct 2008 13:00:01 +0300 (EEST) > "Ilpo Järvinen" <ilpo.jarvinen@...sinki.fi> ha scritto: > > [...] > > > > > It would be nice for Aldo to check what the result will be with my > > second patch (only) using sack=1,ts=0,wscale=0. I guess it does but > > it's a bit unclear if nop's in front help or not (having the patch > > below should anyway help also in that case as the mss option gets > > moved before it anyway). > > in order to avoid misunderstandings, i list herebelow my actions: > > i've used on paperino the kernel 2.6.27.2 patched with ilpo's > 21.10.2008 patch (see please comment 47 in > http://bugzilla.kernel.org/show_bug.cgi?id=11721, and NOT with the patch > contained in comment 58, right?) Yes, you understood me correctly. This was more or less for completeleness test only, to see if the nop's make any difference or not. You found out that they do which seemed the more sensible alternative anyway. > i've modified the following files: > echo 0 > /proc/sys/net/ipv4/tcp_window_scaling > echo 0 > /proc/sys/net/ipv4/tcp_timestamps > echo 1 > /proc/sys/net/ipv4/tcp_sack > > the results are that i CAN navigate (w3m kernel.org) and update my > system (apt-get update in debian). > > should it be of any help to ilpo, i attach the usual tcpdump on the wan > eth of topolino (my home server/gw) ...It confirms that you made the right test. :-) So only thing that was problem in your case is that sackOK option (or SACK_PERM in code notation) couldn't begin TCP options. With any other option as the first one, including nop, it does work. Thanks for all the testing you made and reporting it in the first place. We'll put the latest patch (from comment #58) and it soon makes to 2.6.28-rcsomething and hopefully with a semi-short delay to some 2.6.27.y, whichever y is appropriate at that time. I hope that the ubuntu kernel people will then include that as well but it's beoynd my control what they do. Thanks again. -- i.
Powered by blists - more mailing lists