lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-Id: <20180417.152308.2158598560471437905.davem@davemloft.net>
Date:   Tue, 17 Apr 2018 15:23:08 -0400 (EDT)
From:   David Miller <davem@...emloft.net>
To:     ubraun@...ux.ibm.com
Cc:     netdev@...r.kernel.org, linux-s390@...r.kernel.org,
        schwidefsky@...ibm.com, heiko.carstens@...ibm.com,
        raspl@...ux.vnet.ibm.com, ubraun@...ux.vnet.ibm.com
Subject: Re: [PATCH net-next 2/4] net/smc: handle sockopt TCP_NODELAY

From: Ursula Braun <ubraun@...ux.ibm.com>
Date: Tue, 17 Apr 2018 17:18:13 +0200

> From: Ursula Braun <ubraun@...ux.vnet.ibm.com>
> 
> TCP sockopts must not interfere with the CLC handshake on the
> CLC socket. Therefore, we defer some of them till the CLC
> handshake has completed, like resetting TCP_NODELAY.
> 
> While touching setsockopt, the TCP_FASTOPEN sockopts are
> ignored, since SMC-connection setup is based on the TCP
> three-way-handshake.
> 
> Signed-off-by: Ursula Braun <ubraun@...ux.vnet.ibm.com>

Especially with fast-open, if you don't support the socket option
you should signal an error.

Also, the deferral mechanism means you'll never properly propagate
any errors back to the user.  The kernel_setsockopt() return value
isn't validated at all.

Color me not impressed at all with this change.

These kind of things have to have clear and proper semantics, plus
full error processing with proper propagation back to the user.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ