lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20131109180353.GA3715@localhost>
Date:	Sat, 9 Nov 2013 19:03:53 +0100
From:	Pablo Neira Ayuso <pablo@...filter.org>
To:	Jamal Hadi Salim <jhs@...atatu.com>
Cc:	David Miller <davem@...emloft.net>, tgraf@...g.ch,
	jbenc@...hat.com, netdev@...r.kernel.org
Subject: Re: [PATCH net] netlink: fix netlink_ack with large messages

On Sat, Nov 09, 2013 at 08:43:51AM -0500, Jamal Hadi Salim wrote:
> On 11/09/13 00:00, David Miller wrote:
> 
> >The user has the message, they gave it to us in the sendmsg()
> >we are responding to.  We absolutely do not need to give it
> >to them again.
> >
> >If they care about referring to the contents of that message, they can
> >refer to it in their own copy and make sure they are really looking at
> >the same thing by comparing the sequence number in the netlink ACK to
> >the one they used in the netlink header they gave to the kernel in the
> >sendmsg() call.
> >
> >What happens now is pure duplication, and for such huge netlink
> >messages it's really not smart at all.
> >
> 
> for errors, we need to give the user something back. This has been the
> behavior for 80 years now. Giving them a HUGE message
> back is rediculuos(tm). Ive had enough of SCTP doing that.
> We need to cap it - sort of what ICMP does.
> ICMP caps at 64B; something like 128B is reasonable.

Personally, I have only used the sequence number to correlate the
original request with the ack reply, so I agree in that trimming it to
some reasonable amount of bytes like ICMP is the way to go. I prefer
if we select a large enough amount of bytes to avoid breaking backward
compatibility, eg. 128KB, since I'm not sure what kind of handling
others may have done of this.
--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ