lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Wed, 16 Jan 2019 12:44:16 +0000 From: wangyunjian <wangyunjian@...wei.com> To: Toshiaki Makita <makita.toshiaki@....ntt.co.jp> CC: "netdev@...r.kernel.org" <netdev@...r.kernel.org>, xudingke <xudingke@...wei.com>, "bridge@...ts.linux-foundation.org" <bridge@...ts.linux-foundation.org>, Nkolay Aleksandrov <nikolay@...ulusnetworks.com>, Roopa Prabhu <roopa@...ulusnetworks.com> Subject: RE: [PATCH net v2] net: bridge: Fix ethernet header pointer before check skb forwardable > -----Original Message----- > From: Toshiaki Makita [mailto:makita.toshiaki@....ntt.co.jp] > Sent: Tuesday, January 15, 2019 3:50 PM > To: wangyunjian <wangyunjian@...wei.com> > Cc: netdev@...r.kernel.org; xudingke <xudingke@...wei.com>; > bridge@...ts.linux-foundation.org; Nkolay Aleksandrov > <nikolay@...ulusnetworks.com>; Roopa Prabhu > <roopa@...ulusnetworks.com> > Subject: Re: [PATCH net v2] net: bridge: Fix ethernet header pointer before > check skb forwardable > > On 2019/01/15 12:12, wangyunjian wrote: > > From: Yunjian Wang <wangyunjian@...wei.com> > > > > The skb header should be set to ethernet header before using > > is_skb_forwardable. Because the ethernet header length has been > > considered in is_skb_forwardable(including dev->hard_header_len > > length). > > > > To reproduce the issue: > > 1, add 2 ports on linux bridge br using following commands: > > $ brctl addbr br > > $ brctl addif br eth0 > > $ brctl addif br eth1 > > 2, the mtu of eth0 and eth1 is 1500 > > 3, send a 1504 packet from eth0 to eth1 > > > > So the expect result is packet larger than 1500 cannot pass through > > eth0 and eth1. But currently, the packet passes through success, it > > means eth1's mtu limit donen't take effect. > > I agree with the change but this test does not look appropriate. > In the first place is_skb_forwardable() accepts 4 bytes extra size (for VLAN > header). Doesn't your test case fail even after the change? > > -- > Toshiaki Makita Before executing the functions is_skb_forwardable() and skb_push(), the actual packet consist of the follwing parts, Data 1480, UDP 8, IP 20, Ethernet 14, VLAN 4. And the value of variables are dev->mtu=1500, dev->hard_header_len=14 and skb->len=1508. The packet cannot pass through. I will fix the previous description of packet len. Thanks, Yunjian
Powered by blists - more mailing lists