lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <f78e2051-714d-ff74-7e36-bea3b4edc682@workingcode.com>
Date:   Wed, 5 Jan 2022 11:35:52 -0500
From:   James Carlson <carlsonj@...kingcode.com>
To:     Guillaume Nault <gnault@...hat.com>
Cc:     Eric Dumazet <eric.dumazet@...il.com>,
        "David S . Miller" <davem@...emloft.net>,
        Jakub Kicinski <kuba@...nel.org>,
        netdev <netdev@...r.kernel.org>,
        Eric Dumazet <edumazet@...gle.com>,
        Paul Mackerras <paulus@...ba.org>, linux-ppp@...r.kernel.org,
        syzbot <syzkaller@...glegroups.com>
Subject: Re: [PATCH net] ppp: ensure minimum packet size in ppp_write()

On 1/5/22 11:29, Guillaume Nault wrote:
> On Wed, Jan 05, 2022 at 10:30:09AM -0500, James Carlson wrote:
>> On 1/5/22 08:19, Guillaume Nault wrote:
>>> On Wed, Jan 05, 2022 at 03:48:42AM -0800, Eric Dumazet wrote:
>>>> From: Eric Dumazet <edumazet@...gle.com>
>>>>
>>>> It seems pretty clear ppp layer assumed user space
>>>> would always be kind to provide enough data
>>>> in their write() to a ppp device.
>>>>
>>>> This patch makes sure user provides at least
>>>> 2 bytes.
>>>>
>>>> It adds PPP_PROTO_LEN macro that could replace
>>>> in net-next many occurrences of hard-coded 2 value.
>>>
>>> The PPP header can be compressed to only 1 byte, but since 2 bytes is
>>> assumed in several parts of the code, rejecting such packets in
>>> ppp_xmit() is probably the best we can do.
>>
>> The only ones that can be compressed are those less than 0x0100, which
>> are (intentionally) all network layer protocols.  We should be getting
>> only control protocol messages though the user-space interface, not
>> network layer, so I'd say it's not just the best we can do, but indeed
>> the right thing to do by design.
> 
> Well, I know of at least one implementation that used to transmit data
> by writing on ppp unit file descriptors. That was a hack to work around
> some other problems. Not a beautiful one, but it worked.
> 

So, if you do that sort of hack, then you're constrained to send
uncompressed protocol numbers regardless of what's negotiated. That
seems like a tiny concession. (And receivers are required to handle
uncompressed no matter what LCP negotiation says, per 1661 6.5.)

And I'd still maintain that the intended design is that control
protocols are handled by the user portion, while network layer protocols
are connected in the kernel.

-- 
James Carlson         42.703N 71.076W         <carlsonj@...kingcode.com>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ