| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 16 Jan 2014 03:05:10 +0100 From: Veaceslav Falico <vfalico@...hat.com> To: netdev@...r.kernel.org Cc: Jay Vosburgh <fubar@...ibm.com>, Andy Gospodarek <andy@...yhouse.net>, "David S. Miller" <davem@...emloft.net>, Veaceslav Falico <vfalico@...hat.com> Subject: [PATCH net-next 0/6] bonding: only rely on arp packets if arp monitor is used Hi, Currently, if arp_validate is off (0), slave_last_rx() returns the slave->dev->last_rx, which is always updated on *any* packet received by slave, and not only arps. This means that, if the validation of arps is off, we're treating *any* incoming packet as a proof of slave being up, and not only arps. This might seem logical at the first glance, however it can cause a lot of troubles and false-positives, one example would be: The arp_ip_target is NOT accessible, however someone in the broadcast domain spams with any broadcast traffic. This way bonding will be tricked that the slave is still up (as in - can access arp_ip_target), while it's not. The documentation for arp_validate also states that *ARPs* will (not) be validated if it's on/off, and that the arp monitoring works on arps as traffic generators. Also, the net_device->last_rx is already used in a lot of drivers (even though the comment states to NOT do it :)), and it's also ugly to modify it from bonding. So, to fix this, remove the last_rx from bonding, *always* call bond_arp_rcv() in slave's rx_handler (bond_handle_frame), and if we spot an arp there - update the slave->last_arp_rx - and use it instead of net_device->last_rx. Finally, rename slave_last_rx() to slave_last_arp_rx() to reflect the changes. As the changes touch really sensitive parts, I've tried to split them as much as possible, for easier debugging/bisecting. CC: Jay Vosburgh <fubar@...ibm.com> CC: Andy Gospodarek <andy@...yhouse.net> CC: "David S. Miller" <davem@...emloft.net> CC: netdev@...r.kernel.org Signed-off-by: Veaceslav Falico <vfalico@...hat.com> --- drivers/net/bonding/bond_main.c | 18 ++++++++---------- drivers/net/bonding/bond_options.c | 12 ++---------- drivers/net/bonding/bonding.h | 16 ++++++---------- include/linux/netdevice.h | 8 +------- 4 files changed, 17 insertions(+), 37 deletions(-) -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists