| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 20 Sep 2017 14:15:17 -0700
From: Stephen Hemminger <stephen@...workplumber.org>
To: Harsha Chenji <cjkernel@...il.com>
Cc: netdev@...r.kernel.org
Subject: Re: ipv4 ID calculation
On Mon, 18 Sep 2017 20:43:05 -0400
Harsha Chenji <cjkernel@...il.com> wrote:
> Hi all,
>
> Where is the ID field of the IPv4 header created when the DF flag is
> set? I am looking at ip_build_and_send_pkt. The code seems to have
> changed in 4.4-rc1:
>
> if (ip_dont_fragment(sk, &rt->dst)) {
> iph->frag_off = htons(IP_DF);
> iph->id = 0;
> } else {
> iph->frag_off = 0;
> __ip_select_ident(net, iph, 1);
> }
>
> old code (executed irrespective of DF or not):
>
> ip_select_ident(sock_net(sk), skb, sk);
>
> The code in Stevens is basically iph->id = htons(ip_ident++) and now
> it seems to be calculated based on a hash + lookup table.
>
> So where is the id of 0 overwritten when DF is set? Didn't find any
> info in the docs.
IP id doesn't matter if Dont Fragment bit is set. The IP id is used
by receiver (and firewalls) to coalesce fragments by the ID. If DF
is set no system in the path is supposed to fragment. The idea is
to reduce the number of possible cases of fragment collisions.
> P.S. - is this the right mailing list for these kind of questions?
Sort of, the list is more about technical discussions and patches.
You could find more info by using git blame to find the commit that
introduced the change, then read the log for that.
Powered by blists - more mailing lists