| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 11 Jan 2019 13:21:16 +0100
From: Michal Kubecek <mkubecek@...e.cz>
To: Eric Dumazet <eric.dumazet@...il.com>
Cc: Florian Westphal <fw@...len.de>, Tom Herbert <tom@...bertland.com>,
Linux Kernel Network Developers <netdev@...r.kernel.org>,
"David S. Miller" <davem@...emloft.net>,
Eric Dumazet <edumazet@...gle.com>,
Peter Oskolkov <posk@...gle.com>,
Timothy Winters <twinters@....unh.edu>
Subject: Re: [PATCH v3 23/30] ipv6: defrag: drop non-last frags smaller than
min mtu
On Fri, Jan 11, 2019 at 02:57:39AM -0800, Eric Dumazet wrote:
> On 01/10/2019 02:22 PM, Florian Westphal wrote:
> > Tom Herbert <tom@...bertland.com> wrote:
> >> I couldn't find any mention of the advisory in the commit logs or
> >> netdev discussion, and apparently there's no protocol requirement that
> >> intermediate fragements need to be at least minimal MTU. Maybe this
> >> patch should be reverted?
> >
> > Currently ipv6 reasm doesn't use rbtree infrastructure, so it would
> > have to be converted first.
>
> <quote>
> Section 4.5 of RFC 8200 allows for sending any fragment for
> fragments as long they add up to the original packet.
> </quote>
>
> I do not believe we need an rbtree to implement this idea.
IMHO Florian meant that allowing arbitrarily small fragments would harm
resistance against FragmentSmack type attacks so that we might need
rbtree based queues to be reasonably safe.
Michal Kubecek
Powered by blists - more mailing lists