| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 27 Mar 2013 22:24:15 -0400 (EDT)
From: David Miller <davem@...emloft.net>
To: lw@...fujitsu.com
Cc: stephen@...workplumber.org, netdev@...r.kernel.org
Subject: Re: [Bug 55861] New: PMTU discovery no longer works in Linux 3.6+
with routers that do not send next hop MTU information
From: Li Wei <lw@...fujitsu.com>
Date: Thu, 28 Mar 2013 09:59:04 +0800
> It seems to be in icmp_unreach():
>
> case ICMP_FRAG_NEEDED:
> if (ipv4_config.no_pmtu_disc) {
> LIMIT_NETDEBUG(KERN_INFO pr_fmt("%pI4: fragmentation needed and DF set\n"),
> &iph->daddr);
> } else {
> info = ntohs(icmph->un.frag.mtu);
> if (!info)
> goto out;
>
> When MTU is zero, we skip the process in icmp_socket_deliver() which propagate
> this error to transport protocols.
No, really, MTU field should not be set to zero. It should be set to
the actual MTU value we should use.
If you remove this check then we'll go down to the ipv4 routing code
and use the minimum ipv4 MTU, you absolutely do not want that.
The old code, that was removed, would try to guess in this case using
a table, the guard for this code path had comment:
/* BSD 4.2 derived systems incorrectly adjust
* tot_len by the IP header length, and report
* a zero MTU in the ICMP message.
*/
So the machines sending these zero MTUs are very broken.
I'm not accomodating such broken systems, sorry.
--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists