lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Tue, 22 Dec 2015 22:47:00 +0100
From:	Hannes Frederic Sowa <hannes@...essinduktion.org>
To:	Florian Westphal <fw@...len.de>, netdev@...r.kernel.org
Cc:	eric.dumazet@...il.com
Subject: Re: [PATCH v2 -next 3/3] tcp: honour SO_BINDTODEVICE for TW_RST case
 too

On 21.12.2015 21:29, Florian Westphal wrote:
> Hannes points out that when we generate tcp reset for timewait sockets we
> pretend we found no socket and pass NULL sk to tcp_vX_send_reset().
> 
> Make it cope with inet tw sockets and then provide tw sk.
> 
> This makes RSTs appear on correct interface when SO_BINDTODEVICE is used.
> 
> Packetdrill test case:
> // want default route to be used, we rely on BINDTODEVICE
> `ip route del 192.0.2.0/24 via 192.168.0.2 dev tun0`
> 
> 0.000 socket(..., SOCK_STREAM, IPPROTO_TCP) = 3
> // test case still works due to BINDTODEVICE
> 0.001 setsockopt(3, SOL_SOCKET, SO_BINDTODEVICE, "tun0", 4) = 0
> 0.100...0.200 connect(3, ..., ...) = 0
> 
> 0.100 > S 0:0(0) <mss 1460,sackOK,nop,nop>
> 0.200 < S. 0:0(0) ack 1 win 32792 <mss 1460,sackOK,nop,nop>
> 0.200 > . 1:1(0) ack 1
> 
> 0.210 close(3) = 0
> 
> 0.210 > F. 1:1(0) ack 1 win 29200
> 0.300 < . 1:1(0) ack 2 win 46
> 
> // more data while in FIN_WAIT2, expect RST
> 1.300 < P. 1:1001(1000) ack 1 win 46
> 
> // fails without this change -- default route is used
> 1.301 > R 1:1(0) win 0
> 
> Reported-by: Hannes Frederic Sowa <hannes@...essinduktion.org>
> Signed-off-by: Florian Westphal <fw@...len.de>

Acked-by: Hannes Frederic Sowa <hannes@...essinduktion.org>

Tested and works fine, thanks Florian and Eric!
--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ