lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20131213080844.3b48e774@vostro>
Date:	Fri, 13 Dec 2013 08:08:44 +0200
From:	Timo Teras <timo.teras@....fi>
To:	David Miller <davem@...emloft.net>
Cc:	netdev@...r.kernel.org, pshelar@...ira.com
Subject: Re: [PATCH net] ip_gre: fix msg_name parsing for recvfrom/recvmsg

On Thu, 12 Dec 2013 15:34:29 -0500 (EST)
David Miller <davem@...emloft.net> wrote:

> From: Timo Teräs <timo.teras@....fi>
> Date: Thu, 12 Dec 2013 10:53:52 +0200
> 
> > ipgre_header_parse() needs to parse the tunnel's ip header for
> > getting the link-layer addresses, and uses mac_header to get the
> > header. This fixes setting mac_header on the receive path to
> > original behaviour.
> > 
> > Bug added in commit c54419321455 (GRE: Refactor GRE tunneling code.)
> > 
> > Cc: Pravin B Shelar <pshelar@...ira.com>
> > Signed-off-by: Timo Teräs <timo.teras@....fi>
> > ---
> > Alternate would be to do skb_reset_inner_headers() in
> > ip_tunnel_rcv() and update ipgre_header_parse() to use
> > skb_inner_network_header(). Though, then inner would then be
> > referring to the "outer" headers.
> > 
> > If applied as-is, should go to -stable too.
> 
> Would skb_reset_mac_header() work just as equally?  I'd prefer that
> over direct modification of skb->*_header values.

No. It was actually converted originally to skb_reset_mac_header() but
that led to problems. See commit 1d0691674764098304ae4c63c715f588.

When ipgre_rcv is entered, the outer iphdr has been already pulled,
thus head points to the GRE header. So skb_reset_mac_header() would
make it point at the GRE header instead of the desired outer IP header.

But I agree that it'd be better to use helpers. That's why I suggested
the skb_reset_inner_headers() as an alternative. But as it's slightly
more intrusive approach, I opted to just restore the original assignment
as first suggestion.

- Timo
--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ