lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Thu, 12 Nov 2020 16:50:23 -0800
From:   John Fastabend <john.fastabend@...il.com>
To:     Jakub Sitnicki <jakub@...udflare.com>,
        Daniel Borkmann <daniel@...earbox.net>,
        Santucci Pierpaolo <santucci@...genesys.com>
Cc:     Andrii Nakryiko <andrii.nakryiko@...il.com>,
        Shuah Khan <shuah@...nel.org>,
        Alexei Starovoitov <ast@...nel.org>, Martin Lau <kafai@...com>,
        Song Liu <songliubraving@...com>, Yonghong Song <yhs@...com>,
        Andrii Nakryiko <andrii@...nel.org>,
        john fastabend <john.fastabend@...il.com>,
        KP Singh <kpsingh@...omium.org>,
        Networking <netdev@...r.kernel.org>, bpf <bpf@...r.kernel.org>,
        sdf@...gle.com
Subject: Re: [PATCH] selftest/bpf: fix IPV6FR handling in flow dissector

Jakub Sitnicki wrote:
> On Thu, Nov 12, 2020 at 12:06 AM CET, Daniel Borkmann wrote:
> 
> [...]
> 
> >>> I'm not initimately familiar with this test, but looking at the change
> >>> I'd consider that Destinations Options and encapsulation headers can
> >>> follow the Fragment Header.
> >>>
> >>> With enough of Dst Opts or levels of encapsulation, transport header
> >>> could be pushed to the 2nd fragment. So I'm not sure if the assertion
> >>> from the IPv4 dissector that 2nd fragment and following doesn't contain
> >>> any parseable header holds.
> >
> > Hm, staring at rfc8200, it says that the first fragment packet must include
> > the upper-layer header (e.g. tcp, udp). The patch here should probably add a
> > comment wrt to the rfc.
> 
> You're right, it clearly says so. Nevermind my worries about malformed
> packets then. Change LGTM:
> 
> Reviewed-by: Jakub Sitnicki <jakub@...udflare.com>

Also please add some of the details discussed here to the commit msg so
we can remember this next time. 

Thanks!

Powered by blists - more mailing lists