lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Fri, 15 May 2015 12:37:26 -0400 (EDT)
From:	David Miller <davem@...hat.com>
To:	herbert@...dor.apana.org.au
Cc:	alexander.duyck@...il.com, alexander.h.duyck@...hat.com,
	netdev@...r.kernel.org, steffen.klassert@...unet.com, tgraf@...g.ch
Subject: Re: [net PATCH] ip_vti/ip6_vti: Clear skb->mark when resetting
 skb->dev in receive path

From: Herbert Xu <herbert@...dor.apana.org.au>
Date: Thu, 14 May 2015 14:26:14 +0800

> On Wed, May 13, 2015 at 11:14:39PM -0700, Alexander Duyck wrote:
>> 
>> The fact is I am not all that familiar with the vti code and just
>> started crawling through it a few days ago, but it seems like it is
>> overwriting the skb->mark value with the i_key to determine which
>> policy to use.  The code prior to commit df3893c176e9 ("vti: Update
>> the ipv4 side to use it's own receive hook.") was saving the old
>> skb->mark, overwriting it, and then restoring it after a call to
>> xfrm4_policy_check.  After that commit it was letting
>> skb_scrub_packet in vti_rcv_cb clear the mark and it was just
>> dropped.
> 
> Steffen, why is vti touching skb->mark at all? This is supposed
> to be a field used by user-space to control a packet as it moves
> inside the kernel.  Seconding it for other purposes looks very
> wrong.

If anything, the skb_scrub_packet() call right above the skb->mark
clears should be taking care of this.

The only case where mark should be cleared is if we are changing
namespaces, and that's exactly the policy implemented by
skb_scrub_packet() currently.

Yeah, this mark handling via tunnel->parms.o_key looks not so good.
--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ