lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <Pine.LNX.4.64.0902212042420.20526@wrl-59.cs.helsinki.fi>
Date:	Sat, 21 Feb 2009 20:54:11 +0200 (EET)
From:	"Ilpo Järvinen" <ilpo.jarvinen@...sinki.fi>
To:	Herbert Xu <herbert@...dor.apana.org.au>
cc:	David Miller <davem@...emloft.net>, jeff.chua.linux@...il.com,
	rjw@...k.pl, torvalds@...ux-foundation.org,
	LKML <linux-kernel@...r.kernel.org>,
	Netdev <netdev@...r.kernel.org>
Subject: Re: commit 64ff3b938ec6782e6585a83d5459b98b0c3f6eb8 breaks rlogin

On Sat, 21 Feb 2009, Herbert Xu wrote:

> On Mon, Feb 09, 2009 at 03:28:09PM +0200, Ilpo Järvinen wrote:
> >
> > Yes, that should work too except the gcc catchable typo.
> 
> Thanks, so let's try again for net-next:
> 
> tcp: Always set urgent pointer if it's beyond snd_nxt
> 
> Our TCP stack does not set the urgent flag if the urgent pointer
> does not fit in 16 bits, i.e., if it is more than 64K from the
> sequence number of a packet.
> 
> This behaviour is different from the BSDs, and clearly contradicts
> the purpose of urgent mode, which is to send the notification
> (though not necessarily the associated data) as soon as possible.
> Our current behaviour may in fact delay the urgent notification
> indefinitely if the receiver window does not open up.
> 
> Simply matching BSD however may break legacy applications which
> incorrectly rely on the out-of-band delivery of urgent data, and
> conversely the in-band delivery of non-urgent data.
> 
> Alexey Kuznetsov suggested a safe solution of following BSD only
> if the urgent pointer itself has not yet been transmitted.  This
> way we guarantee that when the remote end sees the packet with
> non-urgent data marked as urgent due to wrap-around we would have
> advanced the urgent pointer beyond, either to the actual urgent
> data or to an as-yet untransmitted packet.
> 
> The only potential downside is that applications on the remote
> end may see multiple SIGURG notifications.  However, this would
> occur anyway with other TCP stacks.  More importantly, the outcome
> of such a duplicate notification is likely to be harmless since
> the signal itself does not carry any information other than the
> fact that we're in urgent mode.
> 
> Thanks to Ilpo Järvinen for fixing a critical bug in this and
> Jeff Chua for reporting that bug.
> 
> Signed-off-by: Herbert Xu <herbert@...dor.apana.org.au>
>
> diff --git a/net/ipv4/tcp_output.c b/net/ipv4/tcp_output.c
> index dda42f0..f5263c8 100644
> --- a/net/ipv4/tcp_output.c
> +++ b/net/ipv4/tcp_output.c
> @@ -663,10 +663,14 @@ static int tcp_transmit_skb(struct sock *sk, struct sk_buff *skb, int clone_it,
>  	th->urg_ptr		= 0;
>  
>  	/* The urg_mode check is necessary during a below snd_una win probe */
> -	if (unlikely(tcp_urg_mode(tp) &&
> -		     between(tp->snd_up, tcb->seq + 1, tcb->seq + 0xFFFF))) {
> -		th->urg_ptr		= htons(tp->snd_up - tcb->seq);
> -		th->urg			= 1;
> +	if (unlikely(tcp_urg_mode(tp) && before(tcb->seq, tp->snd_up))) {
> +		if (before(tp->snd_up, tcb->seq + 0x10000)) {
> +			th->urg_ptr = htons(tp->snd_up - tcb->seq);
> +			th->urg = 1;
> +		} else if (after(tcb->seq + 0xFFFF, tp->snd_nxt)) {
> +			th->urg_ptr = 0xFFFF;
> +			th->urg = 1;
> +		}
>  	}
>  
>  	tcp_options_write((__be32 *)(th + 1), tp, &opts, &md5_hash_location);

I thought this through already at the last time... so I think it really 
should work in all cases I could think of (including the below window 
probes whose existance is not very obvious before they bite back :-)):

Acked-by: Ilpo Järvinen <ilpo.jarvinen@...sinki.fi>

But I mostly agree with Linus that URG is legacy that would be good
to just deprecate instead of trying to "fix" it.


-- 
 i.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ