lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Sat, 16 Apr 2022 01:16:52 -0700 From: Peilin Ye <yepeilin.cs@...il.com> To: Jakub Kicinski <kuba@...nel.org> Cc: "David S. Miller" <davem@...emloft.net>, Hideaki YOSHIFUJI <yoshfuji@...ux-ipv6.org>, David Ahern <dsahern@...nel.org>, Peilin Ye <peilin.ye@...edance.com>, Cong Wang <cong.wang@...edance.com>, Feng Zhou <zhoufeng.zf@...edance.com>, netdev@...r.kernel.org, linux-kernel@...r.kernel.org Subject: Re: [PATCH net 2/2] ip6_gre: Fix skb_under_panic in __gre6_xmit() On Sat, Apr 16, 2022 at 09:33:20AM +0200, Jakub Kicinski wrote: > On Fri, 15 Apr 2022 23:56:33 -0700 Peilin Ye wrote: > > On Fri, Apr 15, 2022 at 07:11:33PM +0200, Jakub Kicinski wrote: > > > > Could you explain this a bit more? It seems that commit 77a5196a804e > > > > ("gre: add sequence number for collect md mode.") added this > > > > intentionally. > > > > > > Interesting. Maybe a better way of dealing with the problem would be > > > rejecting SEQ if it's not set on the device itself. > > > > According to ip-link(8), the 'external' option is mutually exclusive > > with the '[o]seq' option. In other words, a collect_md mode IP6GRETAP > > device should always have the TUNNEL_SEQ flag off in its > > 'tunnel->parms.o_flags'. > > > > (However, I just tried: > > > > $ ip link add dev ip6gretap11 type ip6gretap oseq external > > ^^^^ ^^^^^^^^ > > ...and my 'ip' executed it with no error. I will take a closer look at > > iproute2 later; maybe it's undefined behavior...) > > > > How about: > > > > 1. If 'external', then 'oseq' means "always turn off NETIF_F_LLTX, so > > it's okay to set TUNNEL_SEQ in e.g. eBPF"; > > > > 2. Otherwise, if 'external' but NOT 'oseq', then whenever we see a > > TUNNEL_SEQ in skb's tunnel info, we do something like WARN_ONCE() then > > return -EINVAL. > > Maybe pr_warn_once(), no need for a stacktrace. Ah, thanks, coffee needed... > > > When the device is set up without the SEQ bit enabled it disables Tx > > > locking (look for LLTX). This means that multiple CPUs can try to do > > > the tunnel->o_seqno++ in parallel. Not catastrophic but racy for sure. > > > > Thanks for the explanation! At first glance, I was wondering why don't > > we make 'o_seqno' atomic until I found commit b790e01aee74 ("ip_gre: > > lockless xmit"). I quote: > > > > """ > > Even using an atomic_t o_seq, we would increase chance for packets being > > out of order at receiver. > > """ > > > > I don't fully understand this out-of-order yet, but it seems that making > > 'o_seqno' atomic is not an option? > > atomic_t would also work (if it has enough bits). Whatever is simplest > TBH. It's just about correctness, I don't think seq is widely used. I see, I will work on this, thanks! Peilin Ye
Powered by blists - more mailing lists