lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:   Sat, 22 Oct 2016 11:36:07 +0200
From:   Stefan Richter <stefanr@...6.in-berlin.de>
To:     Jarod Wilson <jarod@...hat.com>
Cc:     Sabrina Dubroca <sd@...asysnail.net>, linux-kernel@...r.kernel.org,
        netdev@...r.kernel.org, Faisal Latif <faisal.latif@...el.com>,
        linux-rdma@...r.kernel.org, Cliff Whickman <cpw@....com>,
        Robin Holt <robinmholt@...il.com>,
        Jes Sorensen <jes@...ined-monkey.org>,
        Marek Lindner <mareklindner@...mailbox.ch>,
        Simon Wunderlich <sw@...onwunderlich.de>,
        Antonio Quartulli <a@...table.cc>
Subject: Re: [PATCH net-next 6/6] net: use core MTU range checking in misc
 drivers

On Oct 19 Jarod Wilson wrote:
> On Thu, Oct 20, 2016 at 12:38:46AM +0200, Stefan Richter wrote:
> > On Oct 19 Sabrina Dubroca wrote:
> > > 2016-10-18, 22:33:33 -0400, Jarod Wilson wrote:
> > > [...]
> > > > diff --git a/drivers/firewire/net.c b/drivers/firewire/net.c
> > > > index 309311b..b5f125c 100644
> > > > --- a/drivers/firewire/net.c
> > > > +++ b/drivers/firewire/net.c
> > > > @@ -1349,15 +1349,6 @@ static netdev_tx_t fwnet_tx(struct sk_buff *skb, struct net_device *net)
> > > >  	return NETDEV_TX_OK;
> > > >  }
> > > >  
> > > > -static int fwnet_change_mtu(struct net_device *net, int new_mtu)
> > > > -{
> > > > -	if (new_mtu < 68)
> > > > -		return -EINVAL;
> > > > -
> > > > -	net->mtu = new_mtu;
> > > > -	return 0;
> > > > -}
> > > > -  
> > > 
> > > This doesn't do any upper bound checking.
> > 
> > I need to check more closely, but I think the RFC 2734 encapsulation spec
> > and our implementation do not impose a particular upper limit.  Though I
> > guess it's bad to let userland set arbitrarily large values here.
> 
> In which case, that would suggest using IP_MAX_MTU (65535) here.

Probably.  I (or somebody) need to check the spec and the code once more.

[...]
> > > > @@ -1481,6 +1471,8 @@ static int fwnet_probe(struct fw_unit *unit,
> > > >  	max_mtu = (1 << (card->max_receive + 1))
> > > >  		  - sizeof(struct rfc2734_header) - IEEE1394_GASP_HDR_SIZE;
> > > >  	net->mtu = min(1500U, max_mtu);
> > > > +	net->min_mtu = ETH_MIN_MTU;
> > > > +	net->max_mtu = net->mtu;  
> > > 
> > > But that will now prevent increasing the MTU above the initial value?
> > 
> > Indeed, therefore NAK.
> 
> However, there's an explicit calculation for 'max_mtu' right there that I
> glazed right over. It would seem perhaps *that* should be used for
> net->max_mtu here, no?

No.  This 'max_mtu' here is not the absolute maximum.  It is only an
initial MTU which has the property that link fragmentation is not
going to happen (if all other peers will at least as capable as this
node).
-- 
Stefan Richter
-======----- =-=- =-==-
http://arcgraph.de/sr/

Powered by blists - more mailing lists