lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <4E53E237.1060401@sfc.wide.ad.jp>
Date:	Wed, 24 Aug 2011 02:24:07 +0900
From:	Ang Way Chuang <wcang@....wide.ad.jp>
To:	Eric Dumazet <eric.dumazet@...il.com>
CC:	netdev@...r.kernel.org,
	Linus Lüssing <linus.luessing@....de>,
	Herbert Xu <herbert@...dor.apana.org.au>
Subject: Re: IPv6 multicast snooping behaviour on 2.6.39-rc2 and later

This is what I found so far from debugging.

The packet is not forwarded due to the failed checksum at br_multicast.c:1533

         case CHECKSUM_NONE:
                 skb2->csum = 0;
                 if (skb_checksum_complete(skb2))
                         goto out;
         }

Contrary to description of commit ff9a57a6, when the patch of commit ff9a57a6 is applied,
pskb_trim_rcsum is never called at all on my testbed. When commit ff9a57a6 is reverted,
pskb_trim_rcsum will be called. The difference is:

with commit ff9a57a6,
    pskb_trim_rcsum is never called, br_multicast_ipv6_rcv returns -EINVAL which causes
    br_handle_frame_finish to drop the packet

without commit ff9a57a6,
    pskb_trim_rcsum is called overwriting err with 0. br_multicast_ipv6_rcv still fails on the
    same line (skb_checksum_complete). But the difference is err is set to 0 this time. Thereby,
    allowing the packet to be forwarded.

Anyway, I don't think the behaviour is correct with or without commit ff9a57a6



On 23/08/11 23:04, Ang Way Chuang wrote:
> Tough luck :( Got no love from bridge. It still doesn't work with your latest patch. Please keep sending those patches.
>
> On 23/08/11 22:10, Eric Dumazet wrote:
>> Le mardi 23 août 2011 à 21:31 +0900, Ang Way Chuang a écrit :
>>> Sorry for the blurb. I hope I've configured thunderbird properly to
>>> send in plain text. Hope you received my reply. I tried your patch on
>>> 3.0.3 and it didn't fix the problem.
>>
>> Thanks for trying !
>>
>> Ok could you please try following patch then ?
>>
>> diff --git a/net/bridge/br_multicast.c b/net/bridge/br_multicast.c
>> index 2d85ca7..e9b32a3 100644
>> --- a/net/bridge/br_multicast.c
>> +++ b/net/bridge/br_multicast.c
>> @@ -1497,7 +1497,7 @@ static int br_multicast_ipv6_rcv(struct net_bridge *br,
>>       if (!pskb_may_pull(skb2, offset + sizeof(struct icmp6hdr)))
>>           goto out;
>>
>> -    len -= offset - skb_network_offset(skb2);
>> +    len -= offset;
>>
>>       __skb_pull(skb2, offset);
>>       skb_reset_transport_header(skb2);
>> @@ -1520,6 +1520,7 @@ static int br_multicast_ipv6_rcv(struct net_bridge *br,
>>           err = pskb_trim_rcsum(skb2, len);
>>           if (err)
>>               goto out;
>> +        icmp6h = icmp6_hdr(skb2);
>>       }
>>
>>       switch (skb2->ip_summed) {
>>
>>
>>
>
> -- 
> To unsubscribe from this list: send the line "unsubscribe netdev" in
> the body of a message to majordomo@...r.kernel.org
> More majordomo info at  http://vger.kernel.org/majordomo-info.html
>

--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ