lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <03484f2a-9429-4680-9172-0859e21e2994@redhat.com>
Date: Tue, 2 Dec 2025 21:34:35 +0100
From: Paolo Abeni <pabeni@...hat.com>
To: Mariusz Klimek <maklimek97@...il.com>, netdev@...r.kernel.org
Subject: Re: [PATCH net-next 1/3] net: gso: do not include jumbogram HBH
 header in seglen calculation

On 12/2/25 5:41 PM, Mariusz Klimek wrote:
> On 12/2/25 12:36, Paolo Abeni wrote:
>> On 11/27/25 10:13 AM, Mariusz Klimek wrote:
>>> This patch fixes an issue in skb_gso_network_seglen where the calculated
>>> segment length includes the HBH headers of BIG TCP jumbograms despite these
>>> headers being removed before segmentation. These headers are added by GRO
>>> or by ip6_xmit for BIG TCP packets and are later removed by GSO. This bug
>>> causes MTU validation of BIG TCP jumbograms to fail.
>>>
>>> Signed-off-by: Mariusz Klimek <maklimek97@...il.com>
>>> ---
>>>  net/core/gso.c | 4 ++++
>>>  1 file changed, 4 insertions(+)
>>>
>>> diff --git a/net/core/gso.c b/net/core/gso.c
>>> index bcd156372f4d..251a49181031 100644
>>> --- a/net/core/gso.c
>>> +++ b/net/core/gso.c
>>> @@ -180,6 +180,10 @@ static unsigned int skb_gso_network_seglen(const struct sk_buff *skb)
>>>  	unsigned int hdr_len = skb_transport_header(skb) -
>>>  			       skb_network_header(skb);
>>>  
>>> +	/* Jumbogram HBH header is removed upon segmentation. */
>>> +	if (skb->protocol == htons(ETH_P_IPV6) && skb->len > IPV6_MAXPLEN)
>>> +		hdr_len -= sizeof(struct hop_jumbo_hdr);
>>
>> Isn't the above condition a bit too course-grain? Specifically, can
>> UDP-encapsulated GSO packets wrongly hit it?
> 
> You're right. Also, It should actually be skb->len - nhdr_len where nhdr_len is
> the length from the beginning of the packet up to right after the network header.
> 
> Should I send a new version or wait for net-next to re-open?

You need to wait for net-next to re-open. Please note that due to the
unfortunated calendar (conferences and EoY) this could be longer than usual.

All the information will be shared on the ML, as usual.

/P

Powered by blists - more mailing lists