lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  PHC 
Open Source and information security mailing list archives
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date:	Sat, 25 Jan 2014 23:48:45 +0100
From:	Florian Westphal <>
Subject: [PATCH 0/2] Fix handling of GRO skbs in forwarding path

Marcelo Ricardo Leitner reported problems when the forwarding link
path has a lower mtu than the incoming link if the inbound interface
supports GRO.

Currently GSO/GRO skbs bypass all dst MTU checks, i.e. forwarding of
such skbs fails in case the outgoing link mtu is smaller than the one
of the incoming interface: We neither generate an icmp error nor will
the packet be fragmented if ipv4 would permit it.

The first patch moves part of Eric Dumazets skb_gso_seglen helper from
sch_tbf to skbuff core for re-use in forwarding path.

The 2nd change then alters forwarding path to handle GRO skbs.

It is not 100% correct, since the icmp error will contain the headers
of the GRO skb instead of the original/segmented one, but it seems to
work fine in my (limited) tests.

Software segmentation is done for ipv4 if the DF bit is not set.

If you think this is -next material just set patchwork state to
"deferred", I'll resend then once -next is open again.

 include/linux/skbuff.h |   18 +++++++++++++++
 net/core/skbuff.c      |   26 +++++++++++++++++++++
 net/ipv4/ip_forward.c  |   58 +++++++++++++++++++++++++++++++++++++++++++++++--
 net/ipv6/ip6_output.c  |   18 +++++++++++++--
 net/sched/sch_tbf.c    |   12 ++--------
 5 files changed, 119 insertions(+), 13 deletions(-)
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to
More majordomo info at

Powered by blists - more mailing lists