| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 8 Apr 2019 10:13:57 -0700
From: Peter Oskolkov <posk@...k.io>
To: Captain Wiggum <captwiggum@...il.com>
Cc: Sasha Levin <sashal@...nel.org>, davem@...emloft.net,
Greg Kroah-Hartman <gregkh@...uxfoundation.org>,
Florian Westphal <fw@...len.de>,
Eric Dumazet <edumazet@...gle.com>,
Peter Oskolkov <posk@...gle.com>, netdev@...r.kernel.org,
stable@...r.kernel.org
Subject: Re: [PATCH net] ipv6: un-do: defrag: drop non-last frags smaller than
min mtu
On Mon, Apr 8, 2019 at 9:29 AM Captain Wiggum <captwiggum@...il.com> wrote:
>
> Thank you Peter!
>
> I tried the patch on 4.9.167 & 4.19.32. It's out of sync with upstream.
> Looks like a little different work needed for each LTS kernel.
> Is someone is familiar with it, and is available to patch it?
I'll try to backport the patchset to 4.9 and send it out for review.
If it is accepted (this
will be my first stable backport attempt), I'll do the same for 4.14 and 4.19.
Thanks,
Peter
> If not, I'd be happy to do this and propose a patch for at least 4.9,
> 4.14, 4.19.
> I look forward to your feedback.
> -----
> patch against 4.9.167:
> include/net/inet_frag.h: 1 out of 2 hunks FAILED
> net/ipv4/ip_fragment.c: 4 out of 9 hunks FAILED
> can't find file to patch at input line 796: Not found: include/net/ipv6_frag.h
> -----
> patch against 4.19.32:
> net/ipv4/ip_fragment.c: 3 out of 9 hunks FAILED
> net/ipv6/reassembly.c: 2 out of 8 hunks FAILED
> can't find file to patch: tools/testing/selftests/net/ip_defrag.c
>
> --John Masinter
>
> On Mon, Apr 8, 2019 at 9:59 AM Peter Oskolkov <posk@...k.io> wrote:
> >
> > On Mon, Apr 8, 2019 at 8:51 AM Sasha Levin <sashal@...nel.org> wrote:
> > >
> > > On Mon, Apr 08, 2019 at 08:49:52AM -0600, Captain Wiggum wrote:
> > > >Hi Sasha,
> > > >
> > > >This patch cannot be applied to upstream, the code is significantly different.
> > > >Therefore, this un-do patch would not be seen in the upstream git log.
> > > >It was solved there by coding a better solution, not by the un-do patch.
> > >
> > > Okay, so this is effectively a request to diverge the -stable tree from
> > > upstream in a non-trivial way, which is why I asked David Miller to ack
> > > this act explcitly (or to send me patches, or whatever else he thinks is
> > > appropriate here).
> >
> > I believe that applying this patch series:
> > https://patchwork.ozlabs.org/cover/1029418/
> > from upstream will achieve the desired outcome (assuming it applies cleanly).
> >
> > >
> > > >Please consider this:
> > > >Upstream passes the TAHI IPv6 protocol tests. All the LTS kernels do NOT.
> > > >This is the patch that causes the failure in 4.9, 4.14, 4.19 LTS kernels.
> > >
> > > I very much agree that this should get fixed. My concerns are not with
> > > the bug but are with the proposed fix as it applies to -stable trees.
> > >
> > > >And this patch has been in place with 4.9.134, a long time.
> > > >It is not right that "Linux" can not pass the IPv6 protocol test.
> > > >My executive are asking me why "Linux" is not fit for IPv6 deployments.
> > >
> > > Arguments such as this carry no weight in a more technical discussion
> > > such as this. Yes, some tests are currently broken, but we will not take
> > > shortcuts just because "executives are unhappy".
> > >
> > > --
> > > Thanks,
> > > Sasha
Powered by blists - more mailing lists