| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 8 Jun 2016 10:39:38 +0100 (BST) From: Paul Jakma <paul@...ma.org> To: Alan Davey <Alan.Davey@...aswitch.com> cc: David Miller <davem@...emloft.net>, "netdev@...r.kernel.org" <netdev@...r.kernel.org>, "kuznet@....inr.ac.ru" <kuznet@....inr.ac.ru>, "jmorris@...ei.org" <jmorris@...ei.org>, "yoshfuji@...ux-ipv6.org" <yoshfuji@...ux-ipv6.org>, "kaber@...sh.net" <kaber@...sh.net> Subject: RE: [PATCH] net: Fragment large datagrams even when IP_HDRINCL is set. Hi, We have to re-create IPv4 fragmentation in user-space in ospfd in Quagga cause of this, on raw IPv4/OSPF sockets. It'd be really nice to be able to deprecate that code and just have existing kernel code do that for us. It should only happen if the app indicates it though, e.g. via a sockopt, to avoid compatibility issues. regards, Paul On Wed, 8 Jun 2016, Alan Davey wrote: > - Consequently, everyone has to fix the same bug and work around it > by fragmenting in their application (we have seen this happen > several dozen times just in our experience). > > - The end result is that the fragmentation code ends up being > implemented in many places, instead of just once, using the existing > kernel code. > > - The patch is a low risk fix; removing 5 lines of code and using existing code to perform the fragmentation. It should be back-compatible because > o existing code written to work round the feature will continue to work > o it seems very unlikely that anyone relies on the current behaviour of oversized packets being rejected, and would not prefer the new behavior. > > Therefore, whether it is a bug or a feature, I think there is value in > fixing the behaviour. > Regards > Alan > > -----Original Message----- > From: David Miller [mailto:davem@...emloft.net] > Sent: 31 May 2016 19:39 > To: Alan Davey <Alan.Davey@...aswitch.com> > Cc: netdev@...r.kernel.org; kuznet@....inr.ac.ru; jmorris@...ei.org; yoshfuji@...ux-ipv6.org; kaber@...sh.net > Subject: Re: [PATCH] net: Fragment large datagrams even when IP_HDRINCL is set. > > From: Alan Davey <alan.davey@...aswitch.com> > Date: Mon, 23 May 2016 15:23:45 +0100 > >> One of the bugs documented in the raw(7) man page is as follows: When >> the IP_HDRINCL option is set, datagrams will not be fragmented and are >> limited to the interface MTU. >> >> This patch fixes the bug by removing the check for "length > rt->dst.dev->mtu" >> in raw_send_hdrinc() (net/ipv4/raw.c). Datagrams are no longer >> limited to the interface MTU size if the IP_HDRINCL option is set, but >> are fragmented, if necessary, in the same way as all other datagrams. >> >> Signed-off-by: Alan Davey <alan.davey@...aswitch.com> > > This is not a bug, it's a feature and it's how RAW ipv4 sockets have behaved for two decades. > > If the user wants to use hdr inclusion, he can send multiple frames and set the fragmentation bits appropriately. > > I'm not applying this patch. > -- Paul Jakma | paul@...ma.org | @pjakma | Key ID: 0xD86BF79464A2FF6A Fortune: I don't want to bore you, but there's nobody else around for me to bore.
Powered by blists - more mailing lists