lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <CAB=W+o=fE_ayeHbJb7yp_7bxHwOWxpHQkC+T_isFoW8iJ8e0HQ@mail.gmail.com>
Date:   Sat, 27 Apr 2019 18:14:50 -0600
From:   Captain Wiggum <captwiggum@...il.com>
To:     Peter Oskolkov <posk@...gle.com>
Cc:     Greg Kroah-Hartman <gregkh@...uxfoundation.org>,
        stable@...r.kernel.org, netdev@...r.kernel.org,
        Peter Oskolkov <posk@...k.io>,
        David Miller <davem@...emloft.net>,
        Eric Dumazet <edumazet@...gle.com>,
        Sasha Levin <sashal@...nel.org>
Subject: Re: [PATCH 4.14 stable 0/5] net: ip6 defrag: backport fixes

Hi Peter,

The TAHI test has completed its run on this patch for the 4.14 kernel.
The results are mixed. First let me review your 4.19 patch for clarification.

The patch you did for 4.19 fixed two issues intentionally, and fixed
one more unintentionally.
The rbtrees and the IP6 header fragments smaller than MTU was the
focus of the patch.
But I was quite happy to see another long nagging issue was fixed by
the 4.19 patch:
Subject: IPv6 unexpectedly changes MTU on wrong interface
https://lore.kernel.org/netdev/CAB=W+o=Ar4sScW3tkn+bscMTC-XzWSqY7D5mm=XF=no-XXsb_A@mail.gmail.com/

The TAHI testing of the 4.14 patch confirms the two focus issues are
indeed completely fixed:
rbtrees and the IP6 header fragments smaller than MTU was the focus of
the patch.
But unfortunately the third issue is not fixed in this patch.
I know it is not the focus of this effort, but was hoping this fix
would come along for the ride.

All in all, we are happy to get these two fixes. As they say, do not
look a gift horse in the mouth.
If it's just an overlooked patch of low effort to fix the MTU issue,
it would be a great victory.
So you be the judge. We can release as-is, or take a little look-e-loo
for the third issue.

Thank you again to Peter and Google team for these fixes!

--John Masinter

On Mon, Apr 22, 2019 at 4:29 PM Peter Oskolkov <posk@...gle.com> wrote:
>
> This is a backport of a 5.1rc patchset:
>   https://patchwork.ozlabs.org/cover/1029418/
>
> Which was backported into 4.19:
>   https://patchwork.ozlabs.org/cover/1081619/
>
> I had to backport two additional patches into 4.14 to make it work.
>
>
> John Masinter (captwiggum), could you, please, confirm that this
> patchset fixes TAHI tests? (I'm reasonably certain that it does, as
> I ran ip_defrag selftest, but given the amount of changes here,
> another set of completed tests would be nice to have).
>
>
> Eric Dumazet (1):
>   ipv6: frags: fix a lockdep false positive
>
> Florian Westphal (1):
>   ipv6: remove dependency of nf_defrag_ipv6 on ipv6 module
>
> Peter Oskolkov (3):
>   net: IP defrag: encapsulate rbtree defrag code into callable functions
>   net: IP6 defrag: use rbtrees for IPv6 defrag
>   net: IP6 defrag: use rbtrees in nf_conntrack_reasm.c
>
>  include/net/inet_frag.h                   |  16 +-
>  include/net/ipv6.h                        |  29 --
>  include/net/ipv6_frag.h                   | 111 +++++++
>  net/ieee802154/6lowpan/reassembly.c       |   2 +-
>  net/ipv4/inet_fragment.c                  | 293 ++++++++++++++++++
>  net/ipv4/ip_fragment.c                    | 290 ++----------------
>  net/ipv6/netfilter/nf_conntrack_reasm.c   | 279 +++++------------
>  net/ipv6/netfilter/nf_defrag_ipv6_hooks.c |   3 +-
>  net/ipv6/reassembly.c                     | 357 +++++-----------------
>  net/openvswitch/conntrack.c               |   1 +
>  10 files changed, 616 insertions(+), 765 deletions(-)
>  create mode 100644 include/net/ipv6_frag.h
>
> --
> 2.21.0.593.g511ec345e18-goog
>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ