lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  PHC 
Open Source and information security mailing list archives
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:   Fri, 11 Jan 2019 13:21:16 +0100
From:   Michal Kubecek <>
To:     Eric Dumazet <>
Cc:     Florian Westphal <>, Tom Herbert <>,
        Linux Kernel Network Developers <>,
        "David S. Miller" <>,
        Eric Dumazet <>,
        Peter Oskolkov <>,
        Timothy Winters <>
Subject: Re: [PATCH v3 23/30] ipv6: defrag: drop non-last frags smaller than
 min mtu

On Fri, Jan 11, 2019 at 02:57:39AM -0800, Eric Dumazet wrote:
> On 01/10/2019 02:22 PM, Florian Westphal wrote:
> > Tom Herbert <> wrote:
> >> I couldn't find any mention of the advisory in the commit logs or
> >> netdev discussion, and apparently there's no protocol requirement that
> >> intermediate fragements need to be at least minimal MTU. Maybe this
> >> patch should be reverted?
> > 
> > Currently ipv6 reasm doesn't use rbtree infrastructure, so it would
> > have to be converted first.
> <quote>
> Section 4.5 of RFC 8200 allows for sending any fragment for
> fragments as long they add up to the original packet. 
> </quote>
> I do not believe we need an rbtree to implement this idea.

IMHO Florian meant that allowing arbitrarily small fragments would harm
resistance against FragmentSmack type attacks so that we might need
rbtree based queues to be reasonably safe.

Michal Kubecek

Powered by blists - more mailing lists