lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20230412072104.61910016@kernel.org>
Date:   Wed, 12 Apr 2023 07:21:04 -0700
From:   Jakub Kicinski <kuba@...nel.org>
To:     Matthieu Baerts <matthieu.baerts@...sares.net>
Cc:     Pablo Neira Ayuso <pablo@...filter.org>,
        netfilter-devel@...r.kernel.org, davem@...emloft.net,
        netdev@...r.kernel.org, pabeni@...hat.com, edumazet@...gle.com,
        mathew.j.martineau@...ux.intel.com, mptcp@...ts.linux.dev
Subject: Re: [PATCH net,v2] uapi: linux: restore IPPROTO_MAX to 256 and add
 IPPROTO_UAPI_MAX

On Thu, 6 Apr 2023 12:45:25 +0200 Matthieu Baerts wrote:
> The modification in the kernel looks good to me. But I don't know how to
> make sure this will not have any impact on MPTCP on the userspace side,
> e.g. somewhere before calling the socket syscall, a check could be done
> to restrict the protocol number to IPPROTO_MAX and then breaking MPTCP
> support.

Then again any code which stores the ipproto in an unsigned char will 
be broken. A perfect solution is unlikely to exist.

> Is it not safer to expose something new to userspace, something
> dedicated to what can be visible on the wire?
> 
> Or recommend userspace programs to limit to lower than IPPROTO_RAW
> because this number is marked as "reserved" by the IANA anyway [1]?
> 
> Or define something new linked to UINT8_MAX because the layer 4 protocol
> field in IP headers is limited to 8 bits?
> This limit is not supposed to be directly linked to the one of the enum
> you modified. I think we could even say it works "by accident" because
> "IPPROTO_RAW" is 255. But OK "IPPROTO_RAW" is there from the "beginning"
> [2] :)

I'm not an expert but Pablo's patch seems reasonable to me TBH.
Maybe I'm missing some extra MPTCP specific context?

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ