| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 02 Sep 2014 11:33:22 +0200 From: Johannes Berg <johannes@...solutions.net> To: Julian Anastasov <ja@....bg> Cc: David Miller <davem@...emloft.net>, linux-wireless@...r.kernel.org, netdev@...r.kernel.org Subject: Re: [RFC] net: ipv4: drop unicast encapsulated in L2 multicast On Wed, 2014-08-27 at 17:31 +0300, Julian Anastasov wrote: > > All IP protocols, this comes either from the IPv4 RFC (1122) or from the > > wireless issue which affects all protocols. > > I did a grep for inet_add_protocol, in case if > we prefer to use per-protocol checks: > > Protocols that look ok to me: TCP, SCTP, DCCP > > ICMP: missing check in icmp_rcv > UDP, UDPLITE: need check in __udp4_lib_rcv > IGMP: uses only multicast address? > PIM: not sure if __pim_rcv() needs check, before skb_tunnel_rx() > changes pkt_type? > > More protocols are also registered with inet_add_protocol(), I don't > see pkt_type checks there, mostly tunnels: > - IPPROTO_GRE > - IPPROTO_L2TP > - IPPROTO_IPIP > - IPPROTO_IPV6 (tunnel64_rcv) > > If going to use a global check I hope there are > no protocols that require exception to this rule. Yeah that's the big question. Are you saying that TCP already implements this? But I guess for TCP it's least interesting in a sense? Not really sure. I'd feel better implementing it at the IP level though, since it's a fairly low-level requirement and also RFC 1122 is on the IP level (obviously) johannes -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists