| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <20150322.195003.654000183854114521.davem@davemloft.net> Date: Sun, 22 Mar 2015 19:50:03 -0400 (EDT) From: David Miller <davem@...emloft.net> To: herbert@...dor.apana.org.au Cc: eric.dumazet@...il.com, netdev@...r.kernel.org, roland@...estorage.com Subject: Re: arp_hash From: Herbert Xu <herbert@...dor.apana.org.au> Date: Mon, 23 Mar 2015 10:08:48 +1100 > On Sun, Mar 22, 2015 at 06:58:50PM -0400, David Miller wrote: >> >> But I do not agree with the idea that it is in any way possible to >> stop someone with root access on the physical network from crudding up >> our ARP hash tables. > > But you don't need root access to exploit the neighbour hash > table. You just need a sufficiently large (e.g., /16) route > to a network and anybody on the system can then generate traffic > to it. > > Granted these days hardly anybody on IPv4 would have such a route > but if you do then the hash table makes you exposed. > > And for IPv6 everybody is potentially exposed. BTW I asked for feedback when I posted the patches which created this situation, and the multiply with the random input was believed to have sufficient entropy and not create a situation any worse, asymptotically, than what we had beforehand. Perhaps the ipv6 case can be improved, by using a u32 random input for each u32 of the address being hashed. -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists