lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <52301603.7030906@cn.fujitsu.com>
Date:	Wed, 11 Sep 2013 15:04:35 +0800
From:	Duan Jiong <duanj.fnst@...fujitsu.com>
To:	hannes@...essinduktion.org
CC:	davem@...emloft.net, netdev@...r.kernel.org
Subject: Re: [PATCH] ipv6: Do route updating for redirect in ndisc layer

于 2013年09月11日 06:50, Hannes Frederic Sowa 写道:
> On Mon, Sep 09, 2013 at 03:09:56PM +0800, Duan Jiong wrote:
>> diff --git a/net/ipv6/tcp_ipv6.c b/net/ipv6/tcp_ipv6.c
>> index 5c71501..61fe8e5 100644
>> --- a/net/ipv6/tcp_ipv6.c
>> +++ b/net/ipv6/tcp_ipv6.c
>> @@ -382,14 +382,6 @@ static void tcp_v6_err(struct sk_buff *skb, struct inet6_skb_parm *opt,
>>  
>>  	np = inet6_sk(sk);
>>  
>> -	if (type == NDISC_REDIRECT) {
>> -		struct dst_entry *dst = __sk_dst_check(sk, np->dst_cookie);
>> -
>> -		if (dst)
>> -			dst->ops->redirect(dst, sk, skb);
>> -		goto out;
>> -	}
>> -
> 
> You dropped the "goto out" here in case of an NDISC_REDIRECT, so this sends an
> EPROTO further up the socket layer. Was this intended?
> 

I'm sorry, i didn't notice the variable err was assigned to EPROTO.
I only thought that message should be sent to the socket layer, because
i found that in function sctp_v6_err().

In addition, the rfc 4443 said the Redirect Message is not the ICMPv6 Error
Message, so i think we shouldn't call those err_handler function, in other
words we shouldn't call the icmpv6_notify().

How do you think of this?

> Also:
> 
> In some _err() functions there is this check, e.g. ah6.c:
> 
>     621         if (type != ICMPV6_DEST_UNREACH &&
>     622             type != ICMPV6_PKT_TOOBIG &&
>     623             type != NDISC_REDIRECT)
>     624                 return;
> 
> It could actually be adjusted now as we don't handle NDISC_REDIRECTs here any
> more. I don't see any side-effects down the code in these functions. We could
> also only just match on ICMPV6_PKT_TOOBIG. Can you confirm?
> 

Yes, i agree this. 

Thanks,
  Duan
--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ