lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <1398133717.29946.21.camel@edumazet-glaptop2.roam.corp.google.com>
Date:	Mon, 21 Apr 2014 19:28:37 -0700
From:	Eric Dumazet <eric.dumazet@...il.com>
To:	Liu Yu <allanliuyu@...il.com>
Cc:	"David S. Miller" <davem@...emloft.net>,
	Alexey Kuznetsov <kuznet@....inr.ac.ru>,
	Stephen Hemminger <shemminger@...tta.com>,
	netdev@...r.kernel.org
Subject: Re: [PATCH] tcp_cubic: fix divide error when SYN flood

On Tue, 2014-04-22 at 09:53 +0800, Liu Yu wrote:
> From: Liu Yu <allanyuliu@...cent.com>
> 
> commit b9f47a3aaeab (tcp_cubic: limit delayed_ack ratio to prevent
> divide error) try to prevent divide error, but it still has a little
> chance that delayed_ack can reach zero. In case machine sufferring
> continuous SYN flood, the argument cnt could be big, and so that
> ratio+cnt could get overflow and may happen to be zero. If so,
> min(ratio, ACK_RATIO_LIMIT) will calculate to be zero.
> 
> The crash log may like this:
> ..
> <6>[27536.083145] possible SYN flooding on port 8080. Sending cookies.
> <6>[27596.092124] possible SYN flooding on port 8080. Sending cookies.
> <6>[27656.109832] possible SYN flooding on port 8080. Sending cookies.
> <0>[27676.940730] divide error: 0000 [#1] SMP
> <0>[27676.987890] last sysfs file: /sys/class/scsi_host/host0/proc_name
> ..
> 
> CC: Stephen Hemminger <shemminger@...tta.com>
> Signed-off-by: Liu Yu <allanyuliu@...cent.com>
> ---
> net/ipv4/tcp_cubic.c | 4 ++--
> 1 files changed, 2 insertions(+), 2 deletions(-)
> 
> diff --git a/net/ipv4/tcp_cubic.c b/net/ipv4/tcp_cubic.c
> index 8bf2245..9d332b9 100644
> --- a/net/ipv4/tcp_cubic.c
> +++ b/net/ipv4/tcp_cubic.c
> @@ -404,12 +404,12 @@ static void bictcp_acked(struct sock *sk, u32 cnt, s32 rtt_us)
> u32 delay;
> 
> if (icsk->icsk_ca_state == TCP_CA_Open) {
> - u32 ratio = ca->delayed_ack;
> + u64 ratio = ca->delayed_ack;
> 
> ratio -= ca->delayed_ack >> ACK_RATIO_SHIFT;
> ratio += cnt;
> 
> - ca->delayed_ack = min(ratio, ACK_RATIO_LIMIT);
> + ca->delayed_ack = min_t(u64, ratio, ACK_RATIO_LIMIT);
> }
> 
> /* Some calls are for duplicates without timetamps */

Hi Liu

Your patch is mangled. Check Documentation/email-clients.txt

I do not see how a SYN (flood or not) can be cause of the crash you
have.

Please provide full stack trace.

Thanks


--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ