| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 28 May 2015 07:36:08 +0200 From: Steffen Klassert <steffen.klassert@...unet.com> To: Alexander Duyck <alexander.h.duyck@...hat.com> CC: <davem@...emloft.net>, <herbert@...dor.apana.org.au>, <netdev@...r.kernel.org>, <linux-crypto@...r.kernel.org> Subject: Re: [PATCH] xfrm6: Do not use xfrm_local_error for path MTU issues in tunnels On Wed, May 27, 2015 at 10:40:32AM -0700, Alexander Duyck wrote: > This change makes it so that we use icmpv6_send to report PMTU issues back > into tunnels in the case that the resulting packet is larger than the MTU > of the outgoing interface. Previously xfrm_local_error was being used in > this case, however this was resulting in no changes, I suspect due to the > fact that the tunnel itself was being kept out of the loop. > > This patch fixes PMTU problems seen on ip6_vti tunnels and is based on the > behavior seen if the socket was orphaned. Instead of requiring the socket > to be orphaned this patch simply defaults to using icmpv6_send in the case > that the frame came though a tunnel. We can use icmpv6_send() just in the case that the packet was already transmitted by a tunnel device, otherwise we get the bug back that I mentioned in my other mail. Not sure if we have something to know that the packet traversed a tunnel device. That's what I asked in the thread 'Looking for a lost patch'. -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists