| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <CAHM1nT3NJH04pXdUONVgX5iUAXAWsRHajQKXnBC8G5Sh17R4KQ@mail.gmail.com>
Date: Wed, 27 Feb 2019 15:12:31 -0800
From: IMBRIUS AGER <imbrius.ager@...il.com>
To: netdev@...r.kernel.org
Cc: daniel@...earbox.net, xiyou.wangcong@...il.com,
dcaratti@...hat.com, davem@...emloft.net, jhs@...atatu.com,
jiri@...nulli.us, vladbu@...lanox.com
Subject: tc ebpf da failed to read the udp data when data length >= 215
Hello:
I am having an odd issue.
I tried to read the udp data by tc ebpf da, however it worked only
when the data length <= 214.
As far as I know, data_end points to the end of the linear data,
that means the skb should be enough for more than 214 in general.
Any ideas about how to avoid the issue? Thanks!
# uname -a
Linux ip-10-0-0-2 4.15.0-1021-aws #21-Ubuntu SMP Tue Aug 28 10:23:07
UTC 2018 x86_64 x86_64 x86_64 GNU/Linux
# tc -V
tc utility, iproute2-ss180129
Here is the test code:
#############################################################
ebpf_debug("level 4: %p - %p\n", udph, data_end);
__u32 *data32 = (__u32 *)(udph + 1);;
ebpf_debug("level 7: %p - %p\n", data32, data_end);
if (data32 + 1 > data_end)
return;
ebpf_debug("%u\n", data32[0]);
############################################################
Here is the test:
1) 10.0.0.3-me # nmap -sU -p 10000 10.0.0.2 --data-length 214
level 4: 00000000c6983314 - 00000000b11428cf
level 7: 000000002a31fcec - 00000000b11428cf
4036810185
2) 10.0.0.3-me # nmap -sU -p 10000 10.0.0.2 --data-length 215
level 4: 00000000ce4077ab - 00000000ce32b26c
level 7: 00000000ce32b26c - 00000000ce32b26c
Powered by blists - more mailing lists