lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-Id: <20180517.164208.574367250425398030.davem@davemloft.net>
Date:   Thu, 17 May 2018 16:42:08 -0400 (EDT)
From:   David Miller <davem@...emloft.net>
To:     petrm@...lanox.com
Cc:     netdev@...r.kernel.org, kuznet@....inr.ac.ru,
        yoshfuji@...ux-ipv6.org, u9012063@...il.com, xeb@...l.ru
Subject: Re: [PATCH net 0/7] net: ip6_gre: Fixes in headroom handling

From: Petr Machata <petrm@...lanox.com>
Date: Thu, 17 May 2018 16:36:04 +0200

> This series mends some problems in headroom management in ip6_gre
> module. The current code base has the following three closely-related
> problems:
> 
> - ip6gretap tunnels neglect to ensure there's enough writable headroom
>   before pushing GRE headers.
> 
> - ip6erspan does this, but assumes that dev->needed_headroom is primed.
>   But that doesn't happen until ip6_tnl_xmit() is called later. Thus for
>   the first packet, ip6erspan actually behaves like ip6gretap above.
> 
> - ip6erspan shares some of the code with ip6gretap, including
>   calculations of needed header length. While there is custom
>   ERSPAN-specific code for calculating the headroom, the computed
>   values are overwritten by the ip6gretap code.
> 
> The first two issues lead to a kernel panic in situations where a packet
> is mirrored from a veth device to the device in question. They are
> fixed, respectively, in patches #1 and #2, which include the full panic
> trace and a reproducer.
> 
> The rest of the patchset deals with the last issue. In patches #3 to #6,
> several functions are split up into reusable parts. Finally in patch #7
> these blocks are used to compose ERSPAN-specific callbacks where
> necessary to fix the hlen calculation.

Series applied, thank you.

Those reproducable test cases in the various commit messages are
pretty awesome.  Could you please extract them and put them somewhere
appropriate under selftests?

Thank you.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ