lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <CANn89iJgK-_xgFSjpH4m0qmcgwEMaTse7D=XbG-2qi=Gnej+xA@mail.gmail.com>
Date: Mon, 19 Aug 2024 14:56:26 +0200
From: Eric Dumazet <edumazet@...gle.com>
To: Petr Vorel <pvorel@...e.cz>
Cc: Xin Long <lucien.xin@...il.com>, netdev@...r.kernel.org
Subject: Re: [RFC] Big TCP and ping support vs. max ICMP{,v6} packet size

On Mon, Aug 19, 2024 at 2:50 PM Petr Vorel <pvorel@...e.cz> wrote:
>
> Hi Eric, Xin,
>
> I see you both worked on Big TCP support for IPv4/IPv6. I wonder if anybody was
> thinking about add Big TCP to raw socket or ICMP datagram socket. I'm not sure
> what would be a real use case (due MTU limitation is Big TCP mostly used on
> local networks anyway).

I think you are mistaken.

BIG TCP does not have any MTU restrictions and can be used on any network.

Think about BIG TCP being GSO/TSO/GRO with bigger logical packet sizes.

>
> I'm asking because I'm just about to limit -s value for ping in iputils (this
> influences size of payload of ICMP{,v6} being send) to 65507 (IPv4) or 65527 (IPv6):
>
> 65507 = 65535 (IPv4 packet size) - 20 (min IPv4 header size) - 8 (ICMP header size)
> 65527 = 65535 (IPv6 packet size) - 8 (ICMPv6 header size)

This would involve IP fragmentation, this is orthogonal to GSO/GRO.

>
> which would then block using Big TCP.
>
> The reasons are:
> 1) The implementation was wrong [1] (signed integer overflow when using
> INT_MAX).
>
> 2) Kernel limits it exactly to these values:
>
> * ICMP datagram socket net/ipv4/ping.c in ping_common_sendmsg() [2] (used in
> both ping_v4_sendmsg() and ping_v6_sendmsg()):
>
>         if (len > 0xFFFF)
>                 return -EMSGSIZE;
>
> * raw socket IPv4 in raw_sendmsg() [3]:
>
>         err = -EMSGSIZE;
>         if (len > 0xFFFF)
>                 goto out;
>
> * Raw socket IPv6 I suppose either in rawv6_send_hdrinc() [4] (I suppose when
> IP_HDRINCL set when userspace passes also IP header) or in ip6_append_data() [5]
> otherwise.
>
> 3) Other ping implementations also limit it [6] (I suppose due 2)).
>
> Kind regards,
> Petr
>
> [1] https://github.com/iputils/iputils/issues/542
> [2] https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/tree/net/ipv4/ping.c?h=v6.11-rc4#n655
> [3] https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/tree/net/ipv4/raw.c?h=v6.11-rc4#n498
> [4] https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/tree/net/ipv6/raw.c?h=v6.11-rc4#n605
> [5] https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/tree/net/ipv6/ip6_output.c?h=v6.11-rc4#n1453
> [6] https://github.com/pevik/iputils/wiki/Maximum-value-for-%E2%80%90s-(size)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ