| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <1256752203.3153.461.camel@linux-1lbu> Date: Wed, 28 Oct 2009 12:50:03 -0500 From: Steve Chen <schen@...sta.com> To: Rick Jones <rick.jones2@...com> Cc: Mark Huth <mhuth@...sta.com>, netdev@...r.kernel.org Subject: Re: [PATCH] Multicast packet reassembly can fail On Wed, 2009-10-28 at 10:18 -0700, Rick Jones wrote: > >> It has been hours since my last good Emily Litella moment so I'll ask > >> - isn't the combination of source and dest addr, protocol, IP ID and > >> fragment offset supposed to take care of this? How does the ingress > >> interface have anything to do with it? > >> > >> rick jones > > > > The problem we've seen arises only when there are multiple interfaces > > each receiving the same multicast packets. In that case there are > > multiple packets with the same key. Steve was able to track down a > > packet loss due to re-assembly failure under certain arrival order > > conditions. > > > > The proposed fix eliminated the packet loss in this case. There might > > be a different problem in the re-assembly code that we have masked by > > separating the packets into streams from each interface. Now that you > > mention it, the re-assembly code should be robust in the face of some > > duplicated and mis-ordered packets. We can look more closely at that code. > > If I understand correctly, the idea here is to say that when multiple interfaces > receive fragments of copies of the same IP datagram that both copies will > "survive" and flow up the stack? > > I'm basing that on your description, and an email from Steve that reads: > > > Actually, the patch tries to prevent packet drop for this exact > > scenario. Please consider the following scenarios > > 1. Packet comes in the fragment reassemble code in the following order > > (eth0 frag1), (eth0 frag2), (eth1 frag1), (eth1 frag2) > > Packet from both interfaces get reassembled and gets further processed. > > > > 2. Packet can some times arrive in (perhaps other orders as well) > > (eth0 frag1), (eth1 frag1), (eth0 frag2), (eth1 frag2) > > Without this patch, eth0 frag 1/2 are overwritten by eth1 frag1/2, and > > packet from eth1 is dropped in the routing code. > > Doesn't that rather fly in the face of the weak-end-system model followed by Linux? > > I can see where scenario one leads to two IP datagrams making it up the stack, > but I would have thought that was simply an "accident" of the situation that > cannot reasonably be prevented, not justification to cause scenario two to send > two datagrams up the stack. For scenario 2, the routing code drops the 2nd packet. As a result, no packet make it to the application. If someone is willing to suggest an alternative, I can certainly rework the patch and retest. Regards, Steve -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists