lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-Id: <20171110115435.4261-3-privat@egil-hjelmeland.no>
Date:   Fri, 10 Nov 2017 12:54:35 +0100
From:   Egil Hjelmeland <privat@...l-hjelmeland.no>
To:     andrew@...n.ch, vivien.didelot@...oirfairelinux.com,
        f.fainelli@...il.com, netdev@...r.kernel.org,
        linux-kernel@...r.kernel.org
Cc:     Egil Hjelmeland <privat@...l-hjelmeland.no>
Subject: [PATCH net-next 2/2] net: dsa: lan9303: Clear offload_fwd_mark for IGMP

Now that IGMP packets no longer is flooded in HW, we want the SW bridge to
forward packets based on bridge configuration. To make that happen,
IGMP packets must have skb->offload_fwd_mark = 0.

Signed-off-by: Egil Hjelmeland <privat@...l-hjelmeland.no>
---
 net/dsa/tag_lan9303.c | 13 +++++++++++++
 1 file changed, 13 insertions(+)

diff --git a/net/dsa/tag_lan9303.c b/net/dsa/tag_lan9303.c
index 5ba01fc3c6ba..b8c5e52b2eff 100644
--- a/net/dsa/tag_lan9303.c
+++ b/net/dsa/tag_lan9303.c
@@ -92,6 +92,8 @@ static struct sk_buff *lan9303_rcv(struct sk_buff *skb, struct net_device *dev,
 {
 	u16 *lan9303_tag;
 	unsigned int source_port;
+	u16 ether_type_nw;
+	u8 ip_protocol;
 
 	if (unlikely(!pskb_may_pull(skb, LAN9303_TAG_LEN))) {
 		dev_warn_ratelimited(&dev->dev,
@@ -129,6 +131,17 @@ static struct sk_buff *lan9303_rcv(struct sk_buff *skb, struct net_device *dev,
 	skb->offload_fwd_mark = !ether_addr_equal(skb->data - ETH_HLEN,
 						  eth_stp_addr);
 
+	/* We also need IGMP packets to have skb->offload_fwd_mark = 0.
+	 * Solving this for all conceivable situations would add more cost to
+	 * every packet. Instead we handle just the common case:
+	 * No VLAN tag + Ethernet II framing.
+	 * Test least probable term first.
+	 */
+	ether_type_nw = lan9303_tag[2];
+	ip_protocol = *(skb->data + 9);
+	if (ip_protocol == IPPROTO_IGMP && ether_type_nw == htons(ETH_P_IP))
+		skb->offload_fwd_mark = 0;
+
 	return skb;
 }
 
-- 
2.11.0

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ