| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20130502095955.1ea082fb@redhat.com> Date: Thu, 2 May 2013 09:59:55 +0200 From: Jesper Dangaard Brouer <brouer@...hat.com> To: Eric Dumazet <eric.dumazet@...il.com>, "David S. Miller" <davem@...emloft.net> Cc: Jesper Dangaard Brouer <brouer@...hat.com>, Hannes Frederic Sowa <hannes@...essinduktion.org>, netdev@...r.kernel.org Subject: Re: [net-next PATCH 1/4] Revert "inet: limit length of fragment queue hash table bucket lists" On Wed, 24 Apr 2013 17:00:30 -0700 Eric Dumazet <eric.dumazet@...il.com> wrote: > On Wed, 2013-04-24 at 17:48 +0200, Jesper Dangaard Brouer wrote: > > This reverts commit 5a3da1fe9561828d0ca7eca664b16ec2b9bf0055. > > > > The problem with commit 5a3da1fe (inet: limit length of fragment > > queue hash table bucket lists) is that, once we hit the hash depth > > limit (of 128), the we *keep* the existing frag queues, not > > allowing new frag queues to be created. Thus, an attacker can > > effectivly block handling of fragments for 30 sec (as each frag > > queue have a timeout of 30 sec) > > > > I do not think its good to revert this patch. It was a step in right > direction. We need a revert, because we are too close to the merge window, and cannot complete the needed "steps" to make this patch safe, sorry. --Jesper -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists