lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Date:	Fri, 14 Feb 2014 16:59:23 +0100
From:	François Cachereul <f.cachereul@...halink.fr>
To:	Jay Vosburgh <fubar@...ibm.com>,
	Veaceslav Falico <vfalico@...hat.com>,
	Andy Gospodarek <andy@...yhouse.net>
CC:	netdev@...r.kernel.org
Subject: [PATCH net] bonding: fix arp requests sends with isolated routes

Make arp_send_all() try to send arp packets through slave devices event
if no route to arp_ip_target is found. This is useful when the route
is in an isolated routing table with routing rule parameters like oif or
iif in which case ip_route_output() return an error.
Thus, the arp packet is send without vlan and with the bond ip address
as sender.

Signed-off-by: François CACHEREUL <f.cachereul@...halink.fr>
---
This previously worked, the problem was added in 2.6.35 with vlan 0
added by default when the module 8021q is loaded. Before that no route
lookup was done if the bond device did not have any vlan. The problem
now exists event if the module 8021q is not loaded.

 drivers/net/bonding/bond_main.c |    9 ++++++---
 1 file changed, 6 insertions(+), 3 deletions(-)

diff --git a/drivers/net/bonding/bond_main.c b/drivers/net/bonding/bond_main.c
index 8676649..300e5b8 100644
--- a/drivers/net/bonding/bond_main.c
+++ b/drivers/net/bonding/bond_main.c
@@ -2168,17 +2168,19 @@ static void bond_arp_send_all(struct bonding *bond, struct slave *slave)
 	for (i = 0; i < BOND_MAX_ARP_TARGETS && targets[i]; i++) {
 		pr_debug("basa: target %pI4\n", &targets[i]);
 
+		vlan_id = 0;
+
 		/* Find out through which dev should the packet go */
 		rt = ip_route_output(dev_net(bond->dev), targets[i], 0,
 				     RTO_ONLINK, 0);
 		if (IS_ERR(rt)) {
 			pr_debug("%s: no route to arp_ip_target %pI4\n",
 				 bond->dev->name, &targets[i]);
-			continue;
+			/* no route found, trying with bond->dev */
+			addr = bond_confirm_addr(bond->dev, targets[i], 0);
+			goto rt_err_try;
 		}
 
-		vlan_id = 0;
-
 		/* bond device itself */
 		if (rt->dst.dev == bond->dev)
 			goto found;
@@ -2232,6 +2234,7 @@ static void bond_arp_send_all(struct bonding *bond, struct slave *slave)
 found:
 		addr = bond_confirm_addr(rt->dst.dev, targets[i], 0);
 		ip_rt_put(rt);
+rt_err_try:
 		bond_arp_send(slave->dev, ARPOP_REQUEST, targets[i],
 			      addr, vlan_id);
 	}
-- 
1.7.10.4

--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ