| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <CACAyw988GP=gwREKA=SxmfTq+eDP=W537Mz0wyAVLVb2YWjFmw@mail.gmail.com> Date: Thu, 18 Apr 2019 14:01:49 +0200 From: Lorenz Bauer <lmb@...udflare.com> To: Florian Westphal <fw@...len.de> Cc: herbert@...dor.apana.org.au, netdev@...r.kernel.org Subject: Re: Question re. skb_orphan for TPROXY Hello Florian, Thank you, that makes sense. I guess that technically early demux also relies on the skb_orphan call to function? I think that's what confused me. Best Lorenz On Tue, 16 Apr 2019 at 17:00, Florian Westphal <fw@...len.de> wrote: > > Lorenz Bauer <lmb@...udflare.com> wrote: > > Apologies for contacting you out of the blue. I'm currently trying to > > understand how TPROXY works under the hood. As part of this endeavour, > > I've stumbled upon the commit attached to this email. > > > > From the commit message I infer that somewhere, TPROXY relies on a > > check of skb->sk == NULL to function. However, I can't figure out > > where! I've traced TPROXY from NF_HOOK(NF_INET_PRE_ROUTING) just after > > the call to skb_orphan to __inet_lookup_skb / skb_steal_sock called > > from the TCP and UDP receive functions, and as far as I can tell there > > is no such check. Can you maybe shed some light on this? > > Without the skb_orphan udp/tcp might steal tunnel/ppp etc. socket > instead of tproxy assigned tcp/udp socket. -- Lorenz Bauer | Systems Engineer 25 Lavington St., London SE1 0NZ www.cloudflare.com
Powered by blists - more mailing lists