lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <20090706122728.GB21357@jayr.de>
Date:	Mon, 6 Jul 2009 14:27:29 +0200
From:	Jens Rosenboom <me@...r.de>
To:	Andreas Henriksson <andreas@...al.se>
Cc:	netdev <netdev@...r.kernel.org>
Subject: Re: ipv6 preferred lifetime wraparound...

Hi Andreas,

On Thu, Jul 02, 2009 at 09:23:43PM +0200, Andreas Henriksson wrote:
> Hello!
> 
> I spotted your patch[1] to prevent ipv6 preferred lifetime wraparound.
> It looks to me like you fixed the preferred lifetime, but did not touch
> the valid lifetime. According to a debian bugreport[2] it seems both of
> them like to wrap around. Shouldn't the "valid -= tval;", visible in
> your patch context, also be conditional similar to your change for
> "preferred -= tval;" ?

the first version of my patch changed the calculation for the valid
lifetime, too. However, the address is removed immediately once the
valid lifetime reaches zero. In order to see a wraparound here, the
kernel would have to be busy with other stuff for more than one second
and at the same time your userland process would need to be running to
look at this value. This seemes to me to be rather unlikely, so I
rather wanted to save some code size. But if others see a risk here,
it would certainly make sense to patch this second statement, too.

> [2]: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=518710

Btw, I failed to find a wrapped valid lifetime here, I also did some
tests myself and always saw the expired addresses being deleted well
before the timer could wrap.

Yours,
	Jens
--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ