lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Wed, 29 Feb 2012 21:55:36 +0800
From:	Weiping Pan <panweiping3@...il.com>
To:	netdev@...r.kernel.org
Cc:	jbohac@...e.cz, fubar@...ibm.com, andy@...yhouse.net,
	Weiping Pan <panweiping3@...il.com>
Subject: [PATCH net] bonding:update rlb entry for arp request

rlb_arp_recv() only handles arp reply packets,
but I think arp request packets contain the latest information about
clients(ip and mac), so we should update rlb entry for arp request.

This patch can resolve a problem that if an IP address is migrated to a
different host in the network, the corresponding rlb entry still contains the
old mac address for this IP, and bonding will send out invalid ARP packets
that will poison other systems' ARP caches.

Jiri Bohac <jbohac@...e.cz> found this problem and posted a patch,
but I don't know whether this patch can fix his problem.

Signed-off-by: Weiping Pan <panweiping3@...il.com>
---
 drivers/net/bonding/bond_alb.c |    9 +++------
 1 files changed, 3 insertions(+), 6 deletions(-)

diff --git a/drivers/net/bonding/bond_alb.c b/drivers/net/bonding/bond_alb.c
index f820b26..fe881a9 100644
--- a/drivers/net/bonding/bond_alb.c
+++ b/drivers/net/bonding/bond_alb.c
@@ -332,7 +332,6 @@ static void rlb_update_entry_from_arp(struct bonding *bond, struct arp_pkt *arp)
 	client_info = &(bond_info->rx_hashtbl[hash_index]);
 
 	if ((client_info->assigned) &&
-	    (client_info->ip_src == arp->ip_dst) &&
 	    (client_info->ip_dst == arp->ip_src) &&
 	    (compare_ether_addr_64bits(client_info->mac_dst, arp->mac_src))) {
 		/* update the clients MAC address */
@@ -366,11 +365,9 @@ static void rlb_arp_recv(struct sk_buff *skb, struct bonding *bond,
 		return;
 	}
 
-	if (arp->op_code == htons(ARPOP_REPLY)) {
-		/* update rx hash table for this ARP */
-		rlb_update_entry_from_arp(bond, arp);
-		pr_debug("Server received an ARP Reply from client\n");
-	}
+	/* update rx hash table for this ARP */
+	rlb_update_entry_from_arp(bond, arp);
+	pr_debug("Server received an ARP Request/Reply from client\n");
 }
 
 /* Caller must hold bond lock for read */
-- 
1.7.4.4

--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ