lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <CANn89iK6Zr4bTaMOevGkNZ-KYHGFaE-8x5y95UgJ5+AwJgdwJg@mail.gmail.com>
Date: Tue, 20 Aug 2024 20:35:13 +0200
From: Eric Dumazet <edumazet@...gle.com>
To: Petr Vorel <pvorel@...e.cz>
Cc: Xin Long <lucien.xin@...il.com>, netdev@...r.kernel.org
Subject: Re: [RFC] Big TCP and ping support vs. max ICMP{,v6} packet size

On Tue, Aug 20, 2024 at 5:38 PM Petr Vorel <pvorel@...e.cz> wrote:
>
> Hi Eric,
>
> > On Mon, Aug 19, 2024 at 2:50 PM Petr Vorel <pvorel@...e.cz> wrote:
>
> > > Hi Eric, Xin,
>
> > > I see you both worked on Big TCP support for IPv4/IPv6. I wonder if anybody was
> > > thinking about add Big TCP to raw socket or ICMP datagram socket. I'm not sure
> > > what would be a real use case (due MTU limitation is Big TCP mostly used on
> > > local networks anyway).
>
> > I think you are mistaken.
>
> > BIG TCP does not have any MTU restrictions and can be used on any network.
>
> > Think about BIG TCP being GSO/TSO/GRO with bigger logical packet sizes.
>
> First, thanks for a quick info. I need to study more BIG TCP. Because I was
> wondering if this could be used for sending larger ICMP echo requests > 65k
> as it's possible in FreeBSD, where it's done via Jumbograms [1]:
>
>         ping -6 -b 70000 -s 68000 ::1

I guess ip6_append_data() is a bit conservative and uses IPV6_MAXPLEN
while it should not ;)

Also ping needs to add the jumboheader if/when using RAW6 sockets

With the following patch, the following commands sends big packets just fine

ifconfig lo mtu 90000
ping -s 68000 ::1

diff --git a/net/ipv6/ip6_output.c b/net/ipv6/ip6_output.c
index ab504d31f0cdd8dec9ab01bf9d6e6517307609cd..6b1668e037dae3c88052c50f02f319355baf4304
100644
--- a/net/ipv6/ip6_output.c
+++ b/net/ipv6/ip6_output.c
@@ -1473,7 +1473,7 @@ static int __ip6_append_data(struct sock *sk,
        }

        if (ip6_sk_ignore_df(sk))
-               maxnonfragsize = sizeof(struct ipv6hdr) + IPV6_MAXPLEN;
+               maxnonfragsize = max_t(u32, mtu, sizeof(struct
ipv6hdr) + IPV6_MAXPLEN);
        else
                maxnonfragsize = mtu;

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ