lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <AANLkTimF7piLEy7BUP4-BnmiiGT4NimZw0gE+kmYQd-c@mail.gmail.com>
Date:	Wed, 6 Oct 2010 02:47:12 -0700
From:	Chung-Yih Wang (王崇懿) 
	<cywang@...gle.com>
To:	David Miller <davem@...emloft.net>
Cc:	netdev@...r.kernel.org, linux-kernel@...r.kernel.org,
	timo.teras@....fi
Subject: Re: [PATCH] net: Fix sk_dst_check() to reset the obsolete dst_entry
 of a socket.

I did not pay attention to the CL, actually that did not fix the issue
I encountered. I have a connected UDP socket which will not escape
from the "blackhole" since it will never enter the ipv4_blackhole
function.

In udp_sendmsg(), if the socket is connected one and the dst entry is
obsolete, you will never have a chance to reset the socket's dst entry
since rt will not be NULL.

udp_sendmsg() {
....
if (connected)
               rt = (struct rtable *)sk_dst_check(sk, 0);
if (rt == NULL) {
...  blackhole_function_will_be_executed_here?
}
...
}

On Wed, Oct 6, 2010 at 12:47 AM, Chung-Yih Wang (王崇懿) <cywang@...gle.com> wrote:
> In fact, that is what I intent to change originally. However, consider
> Timo's issue, I intent to submit this patch instead.
>
> On Wed, Oct 6, 2010 at 12:35 AM, David Miller <davem@...emloft.net> wrote:
>>
>> This should have been fixed by:
>>
>> --------------------
>> commit ae2688d59b5f861dc70a091d003773975d2ae7fb
>> Author: Jianzhao Wang <jianzhao.wang@...nd.com>
>> Date:   Wed Sep 8 14:35:43 2010 -0700
>>
>>    net: blackhole route should always be recalculated
>>
>>    Blackhole routes are used when xfrm_lookup() returns -EREMOTE (error
>>    triggered by IKE for example), hence this kind of route is always
>>    temporary and so we should check if a better route exists for next
>>    packets.
>>    Bug has been introduced by commit d11a4dc18bf41719c9f0d7ed494d295dd2973b92.
>>
>>    Signed-off-by: Jianzhao Wang <jianzhao.wang@...nd.com>
>>    Signed-off-by: Nicolas Dichtel <nicolas.dichtel@...nd.com>
>>    Signed-off-by: David S. Miller <davem@...emloft.net>
>>
>> diff --git a/net/ipv4/route.c b/net/ipv4/route.c
>> index 3f56b6e..6298f75 100644
>> --- a/net/ipv4/route.c
>> +++ b/net/ipv4/route.c
>> @@ -2738,6 +2738,11 @@ slow_output:
>>  }
>>  EXPORT_SYMBOL_GPL(__ip_route_output_key);
>>
>> +static struct dst_entry *ipv4_blackhole_dst_check(struct dst_entry *dst, u32 cookie)
>> +{
>> +       return NULL;
>> +}
>> +
>>  static void ipv4_rt_blackhole_update_pmtu(struct dst_entry *dst, u32 mtu)
>>  {
>>  }
>> @@ -2746,7 +2751,7 @@ static struct dst_ops ipv4_dst_blackhole_ops = {
>>        .family                 =       AF_INET,
>>        .protocol               =       cpu_to_be16(ETH_P_IP),
>>        .destroy                =       ipv4_dst_destroy,
>> -       .check                  =       ipv4_dst_check,
>> +       .check                  =       ipv4_blackhole_dst_check,
>>        .update_pmtu            =       ipv4_rt_blackhole_update_pmtu,
>>        .entries                =       ATOMIC_INIT(0),
>>  };
>>
>
--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ