From: Eric Dumazet <edumazet@google.com>
To: mkubecek@suse.cz
Cc: Eric Dumazet <eric.dumazet@gmail.com>,
	Florian Westphal <fw@strlen.de>,
	Tom Herbert <tom@herbertland.com>,
	netdev <netdev@vger.kernel.org>,
	David Miller <davem@davemloft.net>,
	Peter Oskolkov <posk@google.com>,
	twinters@iol.unh.edu
Subject: Re: [PATCH v3 23/30] ipv6: defrag: drop non-last frags smaller than min mtu
Date: Fri, 11 Jan 2019 05:07:18 -0800
Message-ID: <CANn89iKR=ULyoUVELu6ZseA6ZJKhwic4a3rh4fnXhc4FGTc5sw@mail.gmail.com>
In-Reply-To: <20190111125237.GG14607@unicorn.suse.cz>

On Fri, Jan 11, 2019 at 4:52 AM Michal Kubecek <mkubecek@suse.cz> wrote:
>
> On Fri, Jan 11, 2019 at 04:27:24AM -0800, Eric Dumazet wrote:
> > On Fri, Jan 11, 2019 at 4:21 AM Michal Kubecek <mkubecek@suse.cz> wrote:
> > >
> > > On Fri, Jan 11, 2019 at 02:57:39AM -0800, Eric Dumazet wrote:
> > > > On 01/10/2019 02:22 PM, Florian Westphal wrote:
> > > > > Tom Herbert <tom@herbertland.com> wrote:
> > > > >> I couldn't find any mention of the advisory in the commit logs or
> > > > >> netdev discussion, and apparently there's no protocol requirement that
> > > > > >> intermediate fragments need to be at least minimal MTU. Maybe this
> > > > >> patch should be reverted?
> > > > >
> > > > > Currently ipv6 reasm doesn't use rbtree infrastructure, so it would
> > > > > have to be converted first.
> > > >
> > > > <quote>
> > > > Section 4.5 of RFC 8200 allows for sending any fragment for
> > > > fragments as long as they add up to the original packet.
> > > > </quote>
> > > >
> > > > I do not believe we need an rbtree to implement this idea.
> > >
> > > IMHO Florian meant that allowing arbitrarily small fragments would harm
> > > resistance against FragmentSmack type attacks so that we might need
> > > rbtree based queues to be reasonably safe.
> > >
> >
> > I fail to see why.
> >
> > Adding a fragment to the tail of the list is O(1), whatever its size.
> >
> > If we ever receive a 'too small for IPv6' fragment not at the tail,
> > we would immediately discard the whole datagram in O(1) as well.
> >
> > rbtree was needed because we assumed that we needed to allow IPv4 to
> > receive arbitrary fragments.
>
> My understanding of the original e-mail was that our assumption that
> only the last IPv6 fragment is allowed to be shorter than 1280 bytes (which
> commit 0ed4229b08c1 ("ipv6: defrag: drop non-last frags smaller than min
> mtu") is based on) was wrong and we should probably revert that commit.
> How do you understand it?
>

Reverting the commit is a no go, hackers will simply kill the hosts.

I was saying that we can refine the check, and allow whatever
fragments to come in order.
(Even if this makes no sense, since fragments could come out of order)

Of course, the rb-tree implementation might be okay (even for stable
trees), since we can copy/paste the IPv4 one.
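
The two rules discussed in this message, side by side, as an added example (not kernel code and not written by anyone in the thread): the strict rule drops every non-last fragment below 1280 bytes, while the refined rule accepts in-order tail appends of any size and discards the whole datagram when an undersized fragment arrives anywhere else. The structs, field names and verdict values are hypothetical, and the ordered-insert path for full-size out-of-order fragments is not modelled.

```c
#include <stdbool.h>
#include <stdint.h>

#define IPV6_MIN_MTU 1280   /* the 1280-byte minimum cited in the thread */

enum verdict { FRAG_APPEND, FRAG_SLOW_INSERT, FRAG_DROP_DATAGRAM };

struct frag {               /* hypothetical parsed fragment, not a kernel struct */
    uint32_t offset;        /* payload offset within the original datagram */
    uint32_t payload_len;   /* fragment payload bytes */
    uint32_t pkt_len;       /* length of the IPv6 packet carrying it (assumed measure) */
    bool more_frags;        /* M flag: false only on the last fragment */
};

struct frag_queue {         /* hypothetical per-datagram reassembly state */
    uint32_t tail_end;      /* offset just past the last in-order fragment */
    bool dead;              /* datagram already discarded */
};

static bool undersized(const struct frag *f)
{
    return f->more_frags && f->pkt_len < IPV6_MIN_MTU;
}

/* Strict rule: a non-last fragment below the minimum MTU is never accepted. */
bool strict_accepts(const struct frag *f) { return !undersized(f); }

/* Refined rule: tail append is O(1) at any size; an undersized fragment
 * that is not at the tail marks the whole datagram dead, also O(1). */
enum verdict refined_check(struct frag_queue *q, const struct frag *f)
{
    if (q->dead)
        return FRAG_DROP_DATAGRAM;
    if (f->offset == q->tail_end) {
        q->tail_end += f->payload_len;
        return FRAG_APPEND;
    }
    if (undersized(f)) {
        q->dead = true;
        return FRAG_DROP_DATAGRAM;
    }
    return FRAG_SLOW_INSERT;    /* full-size or last fragment, out of order */
}

/* Feed n constructed fragments to a fresh queue; return the last verdict. */
enum verdict run(const struct frag *frags, int n)
{
    struct frag_queue q = { 0, false };
    enum verdict v = FRAG_APPEND;
    for (int i = 0; i < n; i++)
        v = refined_check(&q, &frags[i]);
    return v;
}
```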
