lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date:   Sun, 26 May 2019 22:13:39 -0700 (PDT)
From:   David Miller <davem@...emloft.net>
To:     dsahern@...nel.org
Cc:     netdev@...r.kernel.org, dsahern@...il.com
Subject: Re: [PATCH net-next] selftest: Fixes for icmp_redirect test

From: David Ahern <dsahern@...nel.org>
Date: Fri, 24 May 2019 16:37:07 -0700

> From: David Ahern <dsahern@...il.com>
> 
> I was really surprised that the IPv6 mtu exception followed by redirect
> test was passing as nothing about the code suggests it should. The problem
> is actually with the logic in the test script.
> 
> Fix the test cases as follows:
> 1. add debug function to dump the initial and redirect gateway addresses
>    for ipv6. This is shown only in verbose mode. It helps verify the
>    output of 'route get'.
> 
> 2. fix the check_exception logic for the reset case to make sure that
>    for IPv4 neither mtu nor redirect appears in the 'route get' output.
>    For IPv6, make sure mtu is not present and the gateway is the initial
>    R1 lladdr.
> 
> 3. fix the reset logic by using a function to delete the routes added by
>    initial_route_*. This format works better for the nexthop version of
>    the tests.
> 
> While improving the test cases, go ahead and ensure that forwarding is
> disabled since IPv6 redirect requires it.
> 
> Also, runs with kernel debugging enabled sometimes show a failure with
> one of the ipv4 tests, so spread the pings over longer time interval.
> 
> The end result is that 2 tests now show failures:
> 
> TEST: IPv6: mtu exception plus redirect                    [FAIL]
> 
> and the VRF version.
> 
> This is a bug in the IPv6 logic that will need to be fixed
> separately. Redirect followed by MTU works because __ip6_rt_update_pmtu
> hits the 'if (!rt6_cache_allowed_for_pmtu(rt6))' path and updates the
> mtu on the exception rt6_info.
> 
> MTU followed by redirect does not have this logic. rt6_do_redirect
> creates a new exception and then rt6_insert_exception removes the old
> one which has the MTU exception.
> 
> Fixes: ec8105352869 ("selftests: Add redirect tests")
> Signed-off-by: David Ahern <dsahern@...il.com>

Applied, thanks.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ