| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 4 May 2022 07:47:18 -0700
From: Jakub Kicinski <kuba@...nel.org>
To: Paolo Abeni <pabeni@...hat.com>
Cc: Jamal Hadi Salim <jhs@...atatu.com>, netdev@...r.kernel.org,
Cong Wang <xiyou.wangcong@...il.com>,
Jiri Pirko <jiri@...nulli.us>
Subject: Re: [PATCH net] net/sched: act_pedit: really ensure the skb is
writable
On Wed, 04 May 2022 10:52:59 +0200 Paolo Abeni wrote:
> On Tue, 2022-05-03 at 16:10 -0400, Jamal Hadi Salim wrote:
> > What was the tc pedit command that triggered this?
>
> From the mptcp self-tests, mptcp_join.sh:
>
> tc -n $ns2 filter add dev ns2eth$i egress \
> protocol ip prio 1000 \
> handle 42 fw \
> action pedit munge offset 148 u8 invert \
> pipe csum tcp \
> index 100 || exit 1
>
> It's used to corrupt a packet so that TCP csum is still correct while
> the MPTCP one is not.
>
> The relevant part is that the touched offset is outside the skb head.
>
> > Can we add it to tdc tests?
>
> What happens in the mptcp self-tests it that an almost simultaneous
> mptcp-level reinjection on another device using the same cloned data
> get unintentionally corrupted and we catch it - when it sporadically
> happens - via the MPTCP mibs.
>
> While we could add the above pedit command, but I fear that a
> meaningful test for the issue addressed here not fit the tdc
> infrastructure easily.
For testing stuff like this would it be possible to inject packets
with no headers pulled and frags in pages we marked read-only?
We can teach netdevsim to do it.
Obviously not as a pre-requisite for this patch.
Powered by blists - more mailing lists