Re: HMAC regression

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



> > Switching the hash implementations to the new shash API introduced a
> > regression. HMACs are created incorrectly if the data is scattered over
> > multiple pages, resulting in very unreliable IPsec tunnels.
> 
> What are the symptoms?

After doing further tests, it seems that this is additionally related to
User-Mode-Linux and/or it's TUN/TAP network driver. I couldn't reproduce
the issue on a x64 with e1000. 
I think the bug is actually in the UML network code, but changing the
scatterwalk logic by using the hash_walk functions triggered the issue.

I'll try to find out more...


More details to the issue I'm seeing on UML hosts:

Packets (non fragmented) laying on multiple pages are hashed incorrectly
for HMAC calculation. This results in packet drops on HMAC secured
tunnels (XfrmInStateProtoError's on the receiving end). Affected are at
least 2.6.29, net-2.6, crypto-2.6 and cryptodev-2.6.

To reproduce this, try to send large packets (e.g. ping with -s 1400, or
iperf with TCP) over a HMAC secured ESP tunnel.
Only packets with data on page boundaries are affected. You'll have to
try until the kernel allocates the packet on multiple pages, which is
more likely with larger packets near MTU.

Thanks
Martin

--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html

[Index of Archives]     [Kernel]     [Gnu Classpath]     [Gnu Crypto]     [DM Crypt]     [Netfilter]     [Bugtraq]

  Powered by Linux