lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:   Thu, 13 Feb 2020 16:26:46 +0100
From:   William Dauchy <w.dauchy@...teo.com>
To:     Nicolas Dichtel <nicolas.dichtel@...nd.com>
Cc:     netdev@...r.kernel.org
Subject: Re: [PATCH v3 net] net, ip6_tunnel: enhance tunnel locate with link
 check

On Thu, Feb 13, 2020 at 10:34:19AM +0100, Nicolas Dichtel wrote:
> > mtu = ETH_DATA_LEN;
> > if (t->parms.link) {
> > 	tdev = __dev_get_by_index(t->net, t->parms.link);
> > 	if (tdev && tdev->mtu < mtu)
> Why this second condition? Why not allowing more than ETH_DATA_LEN (1500)?
> ip_tunnels do:
>         if (tdev) {
> 
>                 hlen = tdev->hard_header_len + tdev->needed_headroom;
> 
>                 mtu = min(tdev->mtu, IP_MAX_MTU);
> 
>         }
> which seems better.

I wrongly mixed the two codes in my head as I wanted to take the lowest
of the two values; will correct that; sorry for the confusion.

> Note also that you patch ip6_tnl_dev_init_gen(), but ip6_tnl_link_config() is
> called later and may adjust the mtu. I would suggest to take care of link mtu in
> ip6_tnl_link_config().

agreed, I overlooked it. Unsure whether I can put it in CAP_XMIT
condition as well.

> hard_header_len is not set for ipv4 tunnels, but for ipv6 tunnels:
>         dev->hard_header_len = LL_MAX_HEADER + t_hlen;
> 
> This is not the real value, I don't think you can calculate the real mtu based
> on this.

understood, I indeed did not noticed hard_header_len was not set in
ip_tunnel.

Best,
-- 
William

Powered by blists - more mailing lists