| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <20120304.214217.1441761517395907331.davem@davemloft.net> Date: Sun, 04 Mar 2012 21:42:17 -0500 (EST) From: David Miller <davem@...emloft.net> To: xemul@...allels.com Cc: netdev@...r.kernel.org, tj@...nel.org, eric.dumazet@...il.com Subject: Re: [PATCH 2/2] tcp: Initial repair mode From: Pavel Emelyanov <xemul@...allels.com> Date: Wed, 29 Feb 2012 19:14:22 +0400 > This includes (according the the previous description): > > * TCP_REPAIR sockoption > * Sequences sockoptions > * Ability to forcibly bind a socket to a port > * Immediate connect modification > * Silent close modification > > Signed-off-by: Pavel Emelyanov <xemul@...allels.com> There are some assumptions about the relationship between the receive queue, copied_seq, and these other sequence numbers which keep track of what's happening. There are warning and assertions that trigger any time these values appear to be out-of-whack, for example the WARN() checks in tcp_cleanup_rbuf() and tcp_recvmsg(). I don't see anything in this code which makes sure the other aspects of the TCP socket are in a state such that these assertions will not potentially trigger. -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists