Message-ID: <507FAAE1.6000903@genband.com>
Date:	Thu, 18 Oct 2012 01:08:17 -0600
From:	Chris Friesen <chris.friesen@...band.com>
To:	Eric Dumazet <eric.dumazet@...il.com>
CC:	netdev <netdev@...r.kernel.org>,
	David Miller <davem@...emloft.net>,
	Alexey Kuznetsov <kuznet@....inr.ac.ru>,
	James Morris <jmorris@...ei.org>,
	Patrick McHardy <kaber@...sh.net>,
	Hideaki YOSHIFUJI <yoshfuji@...ux-ipv6.org>
Subject: Re: Bug?  TCP shutdown behaviour when deleting local IP addresses

On 10/18/2012 12:05 AM, Eric Dumazet wrote:
> On Wed, 2012-10-17 at 17:01 -0600, Chris Friesen wrote:

>> I'm seeing some unexpected (to me, at least) behaviour with local TCP
>> connections.  The scenario goes as follows:
>>
>> 1) create new IP address and assign to eth device
>> 2) TCP server starts listening on that IP address
>> 3) TCP client connects to server
>> 4) remove new IP address
>> 5) kill server with ctrl-C.  At this point it appears that because the
>> address was removed the shutdown message isn't processed properly.
>> netstat shows the server socket as FIN_WAIT1, but the client socket is
>> still ESTABLISHED.
>> 6) client writes to the connected socket (this passes with no error)
>> 7) client waits for response from server, and waits forever or until
>> keepalive expires

>> It seems like the waiting forever behaviour in step 7 might be
>> legitimate since the address was removed before shutting down the
>> server, but it also seems like we should be able to do better given that
>> everything is local.  In the "remove IP address" case maybe step 6
>> should cause some sort of error since the IP address no longer exists?
>>
>> Incidentally, if we do this sort of scenario with the client and server
>> on different hosts then we get a "no route to host" error at step 6.

>
> I see no real problem here.
>
> It's like you cut the cable somewhere in the path.
>
> Only timeouts will apply.

While I agree generally, it's a bit unfortunate that we can't (as a 
quality of implementation thing) give an earlier notice of failure since 
the kernel knows about both ends of the connection even though the IP 
address is gone.  On the other hand, I imagine that would mean 
special-casing things and presumably that would open a whole can of worms.

Thanks for the reply,

Chris
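
Added example, not part of the original message or of the kernel source: one way a client can bound the wait described in step 7, using the Linux keepalive options and TCP_USER_TIMEOUT documented in tcp(7). The helper names and the timeout values are assumptions chosen for illustration.

```c
/* Added example: bound how long a client socket can wait on a peer that
 * has silently disappeared. Linux-specific socket options. */
#include <netinet/in.h>
#include <netinet/tcp.h>
#include <sys/socket.h>
#include <unistd.h>

/* Hypothetical helper name. Returns 0 on success, -1 if any setsockopt fails. */
int bound_dead_peer_wait(int fd, int idle_s, int intvl_s, int probes,
                         unsigned int unacked_ms)
{
    int on = 1;

    /* Idle connection: first probe after idle_s seconds, then one every
     * intvl_s seconds, giving up after `probes` unanswered probes. */
    if (setsockopt(fd, SOL_SOCKET, SO_KEEPALIVE, &on, sizeof(on)) < 0 ||
        setsockopt(fd, IPPROTO_TCP, TCP_KEEPIDLE, &idle_s, sizeof(idle_s)) < 0 ||
        setsockopt(fd, IPPROTO_TCP, TCP_KEEPINTVL, &intvl_s, sizeof(intvl_s)) < 0 ||
        setsockopt(fd, IPPROTO_TCP, TCP_KEEPCNT, &probes, sizeof(probes)) < 0)
        return -1;

    /* Data in flight (the write in step 6): cap how long it may stay
     * unacknowledged. Per tcp(7), when set together with SO_KEEPALIVE this
     * value also decides when a keepalive failure closes the connection. */
    if (setsockopt(fd, IPPROTO_TCP, TCP_USER_TIMEOUT,
                   &unacked_ms, sizeof(unacked_ms)) < 0)
        return -1;
    return 0;
}

/* Read back an integer TCP-level option; -1 on error. */
int get_tcp_opt(int fd, int opt)
{
    int val = 0;
    socklen_t len = sizeof(val);
    return getsockopt(fd, IPPROTO_TCP, opt, &val, &len) < 0 ? -1 : val;
}

int main(void)
{
    int fd = socket(AF_INET, SOCK_STREAM, 0);
    if (fd < 0)
        return 1;
    int rc = bound_dead_peer_wait(fd, 10, 5, 3, 20000); /* constructed values */
    close(fd);
    return rc == 0 ? 0 : 1;
}
```

With these options a blocked read on the client returns an error once the timeout expires, instead of waiting on the default keepalive and retransmission timers.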