| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 10 Oct 2013 22:56:33 +0200 From: Felix Fietkau <nbd@...nwrt.org> To: Stephen Hemminger <stephen@...workplumber.org> CC: netdev@...r.kernel.org Subject: Re: [PATCH net] bridge: allow receiption on disabled port On 2013-10-10 10:36 PM, Stephen Hemminger wrote: > On Thu, 10 Oct 2013 14:52:50 +0200 > Felix Fietkau <nbd@...nwrt.org> wrote: > >> When an ethernet device is enslaved to a bridge, and the bridge STP >> detects loss of carrier (or operational state down), then normally >> packet receiption is blocked. >> >> This breaks control applications like WPA which maybe expecting to >> receive packets to negotiate to bring link up. The bridge needs to >> block forwarding packets from these disabled ports, but there is no >> hard requirement to not allow local packet delivery. >> >> Signed-off-by: Stephen Hemminger <stephen@...workplumber.org> >> Signed-off-by: Felix Fietkau <nbd@...nwrt.org> > > No. This will cause duplicate packets to be delivered. How? I haven't observed any duplications in my tests with this patch. > If doing a link layer protocol like WPA then it should be done directly > on the underlying device, not the bridge itself. When the ETH_P_PAE protocol is set for the packet socket inside wpa_supplicant, the bridge steals all packets before the protocol handler gets them. In __netif_receive_skb_core, only ptype_all gets processed before the rx handler, not ptype_base. - Felix -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists