lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Mon, 16 Jun 2008 12:03:43 +0200
From:	Patrick McHardy <kaber@...sh.net>
To:	Wang Chen <wangchen@...fujitsu.com>
CC:	"David S. Miller" <davem@...emloft.net>,
	NETDEV <netdev@...r.kernel.org>
Subject: Re: [PATCH 3/3] netdevice: order of synchronization of IFF_PROMISC
 and IFF_ALLMULTI

Wang Chen wrote:
> Patrick McHardy said the following on 2008-6-16 17:27:
>> Wang Chen wrote:
>>> -    if (dev->flags & IFF_ALLMULTI)
>>> -        dev_set_allmulti(real_dev, 1);
>>> +    /* NOTE: order of synchronization of IFF_PROMISC and IFF_ALLMULTI
>>> +       is important. Some (broken) drivers set IFF_PROMISC, when
>>> +       IFF_ALLMULTI is requested not asking us and not reporting.
>>> +     */
>>>      if (dev->flags & IFF_PROMISC)
>>>          dev_set_promiscuity(real_dev, 1);
>>> +    if (dev->flags & IFF_ALLMULTI)
>>> +        dev_set_allmulti(real_dev, 1);
>>
>> What exactly is the problem here? The VLAN code is obviously not
>> one of the broken drivers, so why should it care what other drivers
>> do?
>>
> 
> I think the problem is that allmulti is not valid if promis is not on.

No, PROMISC is a superset of ALLMULTI.

> And about the comment, I copy it from dev_change_flags() and think
> it seems suit for here.
> Did I misunderstand this comment?

I think it refers to broken behaviour by drivers that set
IFF_PROMISC themselves when asked to disable multicast
filtering by setting IFF_ALLMULTI. This would cause the
test for changed flags in dev_set_promiscuity to return zero
and not program the device for promiscous mode properly.

There are a few examples of this in the tree. But calling
dev_set_promiscuity() before dev_set_allmulti() only helps
in the dev_change_flags() case since its the only function
that might change both flags at once. In all other cases it
depends on the caller.

So for the dev_change_flags() case VLAN already uses the
"proper" ordering, the other cases might be broken with
or without your patch.

I'd suggest to fix the drivers instead, perhaps start by
adding a warning to dev_change_flags() that is triggered
by the driver changing the flags itself.
--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ