lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Date:	Mon, 9 Sep 2013 19:14:56 -0700
From:	Maciej Żenczykowski <zenczykowski@...il.com>
To:	Linux NetDev <netdev@...r.kernel.org>,
	Eric Dumazet <edumazet@...gle.com>,
	David Miller <davem@...emloft.net>,
	Isaku Yamahata <yamahata@...inux.co.jp>, decot@...gle.com
Subject: wrt. core/dev: set pkt_type after eth_type_trans() in dev_forward_skb()

Merged in v3.11-rc1:

commit 06a23fe31ca3992863721f21bdb0307af93da807
Author: Isaku Yamahata <yamahata@...inux.co.jp>
Date:   Tue Jul 2 20:30:10 2013 +0900

    core/dev: set pkt_type after eth_type_trans() in dev_forward_skb()

    The dev_forward_skb() assignment of pkt_type should be done
    after the call to eth_type_trans().

    ip-encapsulated packets can be handled by localhost. But skb->pkt_type
    can be PACKET_OTHERHOST when packet comes via veth into ip tunnel device.
    In that case, the packet is dropped by ip_rcv().
    Although this example uses gretap. l2tp-eth also has same issue.
    For l2tp-eth case, add dummy device for ip address and ip l2tp command.

    ...

--- a/net/core/dev.c
+++ b/net/core/dev.c
@@ -1659,6 +1659,12 @@ int dev_forward_skb(struct net_device *dev,
struct sk_buff *skb)
        }
        skb_scrub_packet(skb);
        skb->protocol = eth_type_trans(skb, dev);
+
+       /* eth_type_trans() can set pkt_type.
+        * clear pkt_type _after_ calling eth_type_trans()
+        */
+       skb->pkt_type = PACKET_HOST;
+
        return netif_rx(skb);
 }
 EXPORT_SYMBOL_GPL(dev_forward_skb);

Appears to me to be bogus.

AFAICT, this results in (at least) veth devices effectively ignoring
destination mac addresses,
since eth_type_trans is what sets PACKET_BROADCAST/MULTICAST/HOST/OTHERHOST,
and this makes everything functionally equivalanet to having a dst mac
address equal to the devices mac address.

(might also affect macvlan and L2TP)

- Maciej
--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ