| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <1533293737.16128.105.camel@infradead.org>
Date: Fri, 03 Aug 2018 11:55:37 +0100
From: David Woodhouse <dwmw2@...radead.org>
To: David Miller <davem@...emloft.net>, edumazet@...gle.com
Cc: juha-matti.tilli@....fi, ycheng@...gle.com, soheil@...gle.com,
netdev@...r.kernel.org, eric.dumazet@...il.com,
Greg Kroah-Hartman <gregkh@...uxfoundation.org>
Subject: Re: [PATCH net 0/5] tcp: more robust ooo handling
On Mon, 2018-07-23 at 12:03 -0700, David Miller wrote:
> From: Eric Dumazet <edumazet@...gle.com>
> Date: Mon, 23 Jul 2018 09:28:16 -0700
>
> > Juha-Matti Tilli reported that malicious peers could inject tiny
> > packets in out_of_order_queue, forcing very expensive calls
> > to tcp_collapse_ofo_queue() and tcp_prune_ofo_queue() for
> > every incoming packet.
> >
> > With tcp_rmem[2] default of 6MB, the ooo queue could
> > contain ~7000 nodes.
> >
> > This patch series makes sure we cut cpu cycles enough to
> > render the attack not critical.
> >
> > We might in the future go further, like disconnecting
> > or black-holing proven malicious flows.
>
> Sucky...
>
> It took me a while to understand the sums_tiny logic, every
> time I read that function I forget that we reset all of the
> state and restart the loop after a coalesce inside the loop.
>
> Series applied, and queued up for -stable.
I see the first four in 4.9.116 but not the fifth (adding
tcp_ooo_try_coalesce()).
Is that intentional?
Download attachment "smime.p7s" of type "application/x-pkcs7-signature" (5213 bytes)
Powered by blists - more mailing lists