lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <CAL+tcoASNGr58b7_vF9_CCungW=ZZubE2xHDxb3QCQraAwsMpw@mail.gmail.com>
Date: Mon, 19 Aug 2024 07:48:36 +0800
From: Jason Xing <kerneljasonxing@...il.com>
To: Kuniyuki Iwashima <kuniyu@...zon.com>
Cc: 0x7f454c46@...il.com, davem@...emloft.net, dima@...sta.com, 
	dsahern@...nel.org, edumazet@...gle.com, kernelxing@...cent.com, 
	kuba@...nel.org, ncardwell@...gle.com, netdev@...r.kernel.org, 
	pabeni@...hat.com
Subject: Re: [PATCH net-next] tcp: do not allow to connect with the four-tuple
 symmetry socket

Hello Kuniyuki,

On Mon, Aug 19, 2024 at 2:49 AM Kuniyuki Iwashima <kuniyu@...zon.com> wrote:
>
> From: Jason Xing <kerneljasonxing@...il.com>
> Date: Sun, 18 Aug 2024 21:50:51 +0800
> > On Sun, Aug 18, 2024 at 1:16 PM Jason Xing <kerneljasonxing@...il.com> wrote:
> > >
> > > On Sun, Aug 18, 2024 at 12:25 PM Jason Xing <kerneljasonxing@...il.com> wrote:
> > > >
> > > > From: Jason Xing <kernelxing@...cent.com>
> > > >
> > > > Four-tuple symmetry here means the socket has the same remote/local
> > > > port and ipaddr, like this, 127.0.0.1:8000 -> 127.0.0.1:8000.
> > > > $ ss -nat | grep 8000
> > > > ESTAB      0      0          127.0.0.1:8000       127.0.0.1:8000
> >
> > Thanks to the failed tests appearing in patchwork, now I'm aware of
> > the technical term called "self-connection" in English to describe
> > this case. I will update accordingly the title, body messages,
> > function name by introducing "self-connection" words like this in the
> > next submission.
> >
> > Following this clue, I saw many reports happening in these years, like
> > [1][2]. Users are often astonished about this phenomenon and lost and
> > have to find various ways to workaround it. Since, in my opinion, the
> > self-connection doesn't have any advantage and usefulness,
>
> It's useful if you want to test simultaneous connect (SYN_SENT -> SYN_RECV)
> path as you see in TCP-AO tests.  See RFC 9293 and the (!ack && syn) case
> in tcp_rcv_synsent_state_process().
>
>   https://www.rfc-editor.org/rfc/rfc9293.html#section-3.5-7

Yes, I noticed this one: self-connection is one particular case among
simultaneously open cases. Honestly, it's really strange that client
and server uses a single socket.

>
> So you can't remove self-connect functionality, the recent main user is
> syzkaller though.

Ah, thanks for reminding me. It seems that I have to drop this patch
and there is no good way to resolve the issue in the kernel.

Thanks,
Jason

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ