lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Message-Id: <E4A37B97-95FE-42C3-AD78-119BA406A44A@cygnusnetworks.de>
Date:	Tue, 23 Jul 2013 15:32:40 +0200
From:	Helmut Grohne <h.grohne@...nusnetworks.de>
To:	netdev@...r.kernel.org
Cc:	David Miller <davem@...emloft.net>,
	Max Krasnyansky <maxk@....qualcomm.com>
Subject: Re: TUN/TAP: tap driver reports bogus interface speed in ethtool operations


On 16.07.2013, at 23:41, Max Krasnyansky <maxk@....qualcomm.com> wrote:
> The patch looks fine to me (must admit that I only glanced at it). Please send it to the netdev
> mailing list netdev@...r.kernel.org, if you have't already done so.
> CC David Miller <davem@...emloft.net> and me.

Doing that. Now summarizing the issue for the new recipients:

Problem:

When querying a tap device for its speed using ethtool the tun driver reports a speed
of SPEED_10. This number is hard coded into the driver. Nowadays virtual network devices
can go way faster than that. When doing automatic bandwidth monitoring based on the
speed reported by ethtool, tap devices tend to come up as false positives. Arguably the
hard coded speed is wrong.

Proposed solution:

To that end I propose supporting the ETHTOOL_SSET command in addition to the already
supported ETHTOOL_GSET. It would deny setting any setting except for the bandwidth
where it would allow arbitrary values. You can find this patch attached.

With this patch an administrator can increase the reported speed for tap devices and
keep using automatic detection of interface speeds.

Workarounds:

Using ethtool a detection utility can determine the driver for an interface. If the
driver matches the string "tun", the reported speed should not be used.

Helmut


Download attachment "0001-tuntap-allow-changing-ethtool-speed.patch" of type "application/octet-stream" (2732 bytes)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ