lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Mon, 9 Jun 2014 16:49:02 -0700
From:	Cong Wang <cwang@...pensource.com>
To:	Alex <d77190@...l.ru>
Cc:	netdev <netdev@...r.kernel.org>
Subject: Re: Bug 75571

On Thu, Jun 5, 2014 at 9:13 PM, Alex <d77190@...l.ru> wrote:
>> Hmm, e1000e should init dev->hard_header_len to ETH_LEN, which is 14.
>> Plus IPv4 header len (20), it should be about 34. I don't understand why
>> the ipip tunnel's hard_header_len is 148 in your case. It is only possible when
>> there is no underlying interface, that is, LL_MAX_HEADER + sizeof(struct iphdr).
>>
>> What do `ip -d link show` and `ip route show` say?
>
> 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast
> state UP mode DEFAULT group default qlen 1000
>     link/ether 00:15:17:28:a7:02 brd ff:ff:ff:ff:ff:ff
>
> 7: eth0.99@...0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc
> noqueue state UP mode DEFAULT group default
>     link/ether 00:15:17:28:a7:02 brd ff:ff:ff:ff:ff:ff
>     vlan protocol 802.1q id 99 <REORDER_HDR>
>
> 84: tun4177: <POINTOPOINT,NOARP,UP,LOWER_UP> mtu 1420 qdisc htb state
> UNKNOWN mode DEFAULT group default
>     link/ipip 192.168.18.199 peer 192.168.18.17
>
>
> 192.168.18.199 is loopback address.
>
> ip route show dev eth0.99
> 172.16.254.132/30  proto kernel  scope link  src 172.16.254.134
> 192.168.18.0/26 via 172.16.254.133  proto zebra
> .... and about 200 networks received via BGP
>
> ip route show dev tun4177
> 198.18.0.177  proto kernel  scope link  src 198.18.0.1
> 198.18.100.3 via 198.18.0.177  proto zebra  metric 17
> .... and about 500 routes to hosts recieved via OSPF


Hmm, looks correct so I still have no idea why dev->hard_header_len
is not correct for your ipip tunnel, looks like the only possible reason
is ip_route_output_ports() returns error for some reason.

The best thing we can try is to fix it dynamically on rx, something
like below (if you want to try this patch, please revert the previous one):

diff --git a/net/ipv4/ipip.c b/net/ipv4/ipip.c
index 5dc5137..5eff109 100644
--- a/net/ipv4/ipip.c
+++ b/net/ipv4/ipip.c
@@ -407,6 +407,7 @@ static int ipip_rcv(struct sk_buff *skb)
                tstats->rx_packets++;
                tstats->rx_bytes += skb->len;

+               tunnel->dev->hard_header_len = skb->data - skb_mac_header(skb);
                __skb_tunnel_rx(skb, tunnel->dev);

                ipip_ecn_decapsulate(iph, skb);
--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ