lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Mon, 8 Apr 2019 08:59:03 -0700
From:   Peter Oskolkov <posk@...k.io>
To:     Sasha Levin <sashal@...nel.org>
Cc:     Captain Wiggum <captwiggum@...il.com>, davem@...emloft.net,
        Greg Kroah-Hartman <gregkh@...uxfoundation.org>,
        Florian Westphal <fw@...len.de>,
        Eric Dumazet <edumazet@...gle.com>,
        Peter Oskolkov <posk@...gle.com>, netdev@...r.kernel.org,
        stable@...r.kernel.org
Subject: Re: [PATCH net] ipv6: un-do: defrag: drop non-last frags smaller than
 min mtu

On Mon, Apr 8, 2019 at 8:51 AM Sasha Levin <sashal@...nel.org> wrote:
>
> On Mon, Apr 08, 2019 at 08:49:52AM -0600, Captain Wiggum wrote:
> >Hi Sasha,
> >
> >This patch cannot be applied to upstream, the code is significantly different.
> >Therefore, this un-do patch would not be seen in the upstream git log.
> >It was solved there by coding a better solution, not by the un-do patch.
>
> Okay, so this is effectively a request to diverge the -stable tree from
> upstream in a non-trivial way, which is why I asked David Miller to ack
> this act explcitly (or to send me patches, or whatever else he thinks is
> appropriate here).

I believe that applying this patch series:
https://patchwork.ozlabs.org/cover/1029418/
from upstream will achieve the desired outcome (assuming it applies cleanly).

>
> >Please consider this:
> >Upstream passes the TAHI IPv6 protocol tests. All the LTS kernels do NOT.
> >This is the patch that causes the failure in 4.9, 4.14, 4.19 LTS kernels.
>
> I very much agree that this should get fixed. My concerns are not with
> the bug but are with the proposed fix as it applies to -stable trees.
>
> >And this patch has been in place with 4.9.134, a long time.
> >It is not right that "Linux" can not pass the IPv6 protocol test.
> >My executive are asking me why "Linux" is not fit for IPv6 deployments.
>
> Arguments such as this carry no weight in a more technical discussion
> such as this. Yes, some tests are currently broken, but we will not take
> shortcuts just because "executives are unhappy".
>
> --
> Thanks,
> Sasha

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ