lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Mon, 23 Dec 2019 12:02:41 -0800 From: Tom Herbert <tom@...bertland.com> To: Willem de Bruijn <willemdebruijn.kernel@...il.com> Cc: David Miller <davem@...emloft.net>, Network Development <netdev@...r.kernel.org>, Simon Horman <simon.horman@...ronome.com>, Tom Herbert <tom@...ntonium.net> Subject: Re: [PATCH v6 net-next 1/9] ipeh: Fix destopts and hopopts counters on drop On Mon, Dec 23, 2019 at 10:53 AM Willem de Bruijn <willemdebruijn.kernel@...il.com> wrote: > > On Mon, Dec 23, 2019 at 11:53 AM Tom Herbert <tom@...bertland.com> wrote: > > > > On Sun, Dec 22, 2019 at 8:21 AM Willem de Bruijn > > <willemdebruijn.kernel@...il.com> wrote: > > > > > > On Fri, Dec 20, 2019 at 6:39 PM Tom Herbert <tom@...bertland.com> wrote: > > > > > > > > From: Tom Herbert <tom@...ntonium.net> > > > > > > > > For destopts, bump IPSTATS_MIB_INHDRERRORS when limit of length > > > > of extension header is exceeded. > > > > > > > > For hop-by-hop options, bump IPSTATS_MIB_INHDRERRORS in same > > > > situations as for when destopts are dropped. > > > > > > > > Signed-off-by: Tom Herbert <tom@...bertland.com> > > > > --- > > > > net/ipv6/exthdrs.c | 7 ++++++- > > > > 1 file changed, 6 insertions(+), 1 deletion(-) > > > > > > > > diff --git a/net/ipv6/exthdrs.c b/net/ipv6/exthdrs.c > > > > index ab5add0..f605e4e 100644 > > > > --- a/net/ipv6/exthdrs.c > > > > +++ b/net/ipv6/exthdrs.c > > > > @@ -288,9 +288,9 @@ static int ipv6_destopt_rcv(struct sk_buff *skb) > > > > if (!pskb_may_pull(skb, skb_transport_offset(skb) + 8) || > > > > !pskb_may_pull(skb, (skb_transport_offset(skb) + > > > > ((skb_transport_header(skb)[1] + 1) << 3)))) { > > > > +fail_and_free: > > > > __IP6_INC_STATS(dev_net(dst->dev), idev, > > > > IPSTATS_MIB_INHDRERRORS); > > > > -fail_and_free: > > > > kfree_skb(skb); > > > > return -1; > > > > } > > > > @@ -820,8 +820,10 @@ static const struct tlvtype_proc tlvprochopopt_lst[] = { > > > > > > > > int ipv6_parse_hopopts(struct sk_buff *skb) > > > > { > > > > + struct inet6_dev *idev = __in6_dev_get(skb->dev); > > > > struct inet6_skb_parm *opt = IP6CB(skb); > > > > struct net *net = dev_net(skb->dev); > > > > + struct dst_entry *dst = skb_dst(skb); > > > > int extlen; > > > > > > > > /* > > > > @@ -834,6 +836,8 @@ int ipv6_parse_hopopts(struct sk_buff *skb) > > > > !pskb_may_pull(skb, (sizeof(struct ipv6hdr) + > > > > ((skb_transport_header(skb)[1] + 1) << 3)))) { > > > > fail_and_free: > > > > + __IP6_INC_STATS(dev_net(dst->dev), idev, > > > > + IPSTATS_MIB_INHDRERRORS); > > > > > > ip6_rcv_core, the only caller of ipv6_parse_hopopts, checks > > > skb_valid_dst(skb) before deref. Does this need the same? > > > > Hi Willem, > > > > Actually, it looks like ipv6_parse_hopopts is doing things the right > > way. __IP6_INC_STATS is called from ip6_rcv_core if ipv6_parse_hopopts > > and the net is always taken from skb->dev (not dst) in HBH path. I'll > > fix destopts to do the same. > > I don't entirely follow. The above code uses dev_net(dst->dev). Using > local variable net, derived from dev_net(skb->dev), here definitely > sounds good to me, if that's what you meant. Yes, I'm thinking to just do dev_net(skb->dev) in all cases of __IP6_INC_STATS for hopopts and destopts. Tom
Powered by blists - more mailing lists