lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Tue, 4 Sep 2012 11:23:04 -0700 From: Chris Wright <chrisw@...hat.com> To: Jesse Gross <jesse@...ira.com> Cc: David Miller <davem@...emloft.net>, netdev@...r.kernel.org, dev@...nvswitch.org, chrisw@...hat.com Subject: Re: [PATCH net-next 4/7] openvswitch: Reset upper layer protocol info on internal devices. * Jesse Gross (jesse@...ira.com) wrote: > On Mon, Sep 3, 2012 at 6:00 PM, David Miller <davem@...emloft.net> wrote: > > From: Jesse Gross <jesse@...ira.com> > > Date: Mon, 3 Sep 2012 17:57:39 -0700 > > > >> On Fri, Jul 20, 2012 at 3:26 PM, Jesse Gross <jesse@...ira.com> wrote: > >>> It's possible that packets that are sent on internal devices (from > >>> the OVS perspective) have already traversed the local IP stack. > >>> After they go through the internal device, they will again travel > >>> through the IP stack which may get confused by the presence of > >>> existing information in the skb. The problem can be observed > >>> when switching between namespaces. This clears out that information > >>> to avoid problems but deliberately leaves other metadata alone. > >>> This is to provide maximum flexibility in chaining together OVS > >>> and other Linux components. > >>> > >>> Signed-off-by: Jesse Gross <jesse@...ira.com> > >> > >> It was recently discovered that the bug that this patch fixes is > >> causing problems in the real world. Can you please queue this for > >> stable in 3.4/3.5? It's currently in Linus's tree as > >> 7fe99e2d434eafeac0c57b279a77e5de39212636. > >> > > > > What vendor is shipping openvswitch enabled and requires the fix to > > be in -stable before they'll ship it to customers? > > > > That goes into what is 'real world' > > Fedora is running into it I believe. Chris Wright asked for it so he > might be able to elaborate more on their plans. I've not hit the bug myself, but been made aware of the issue from OpenStack/Quantum folks. There's a testing scenario that hits this as described in this launchpad bug: https://bugs.launchpad.net/quantum/+bug/1044318 thanks, -chris -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists