lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date:	Mon, 6 Jun 2016 20:03:49 +0900
From:	Toshiaki Makita <makita.toshiaki@....ntt.co.jp>
To:	Nikolay Aleksandrov <nikolay@...ulusnetworks.com>
Cc:	"David S . Miller" <davem@...emloft.net>,
	Stephen Hemminger <stephen@...workplumber.org>,
	netdev@...r.kernel.org, bridge@...ts.linux-foundation.org,
	Patrick Schaaf <netdev@....de>
Subject: Re: [PATCH net-next] bridge: Synchronize unicast filtering with FDB

On 2016/06/04 2:35, Nikolay Aleksandrov wrote:
...
>>> void br_fdb_changeaddr(struct net_bridge_port *p, const unsigned char *newaddr)
>>> @@ -288,6 +296,95 @@ out:
>>> 	spin_unlock_bh(&br->hash_lock);
>>> }
>>>
>>> +void br_fdb_sync_uc(struct net_bridge *br)
>>> +{
>>> +	struct net_bridge_vlan_group *vg;
>>> +	struct netdev_hw_addr *ha;
>>> +	int i;
>>> +
>>> +	spin_lock_bh(&br->hash_lock);
>>> +
>>> +	for (i = 0; i < BR_HASH_SIZE; i++) {
>>> +		struct hlist_node *h;
>>> +
>>> +		hlist_for_each(h, &br->hash[i]) {
>>> +			struct net_bridge_fdb_entry *f;
>>> +
>>> +			f = hlist_entry(h, struct net_bridge_fdb_entry, hlist);
>>> +			if (!f->dst && f->is_local && !f->added_by_user &&
>>> +			    !ether_addr_equal(f->addr.addr, br->dev->dev_addr)) {
>>> +				/* delete old one */
>>> +				fdb_delete_local(br, NULL, f);
>>> +			}
>>> +		}
>>> +	}
>>> +
>>> +	vg = br_vlan_group(br);
>>> +
>>> +	/* insert new address,  may fail if invalid address or dup. */
>>> +	netdev_for_each_uc_addr(ha, br->dev) {
>>> +		struct net_bridge_vlan *v;
>>> +
>>> +		fdb_insert(br, NULL, ha->addr, 0);
>>> +
>>> +		if (!vg || !vg->num_vlans)
>>> +			continue;
>>> +
>>> +		list_for_each_entry(v, &vg->vlan_list, vlist)
>>> +			fdb_insert(br, NULL, ha->addr, v->vid);
>>
>> Since here you’re walking over the bridge’s vlan list, you should test the vlans with br_vlan_should_use()
>> because it can be a global context holder if the vlan was configured only on ports.

Thank you for your feedback.
will fix in v2.

I actually thought that this is the same logic as
br_fdb_change_mac_address() so assumed it should be all right.
Does br_fdb_change_mac_address() need br_vlan_should_use() as well?

Toshiaki Makita

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ