lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Date:	Mon, 21 Jul 2014 09:53:29 +0200
From:	Antonio Quartulli <antonio@...hcoding.com>
To:	davem@...emloft.net
Cc:	netdev@...r.kernel.org, b.a.t.m.a.n@...ts.open-mesh.org
Subject: pull request [net]: batman-adv 20140721

Hello David,

here you have two fixes that we have been testing for quite some time
(this is why they arrived a bit late in the rc cycle).

Patch 1) ensures that BLA packets get dropped and not forwarded to the
mesh even if they reach batman-adv within QinQ frames. Forwarding them
into the mesh means messing up with the TT database of other nodes which
can generate all kind of unexpected behaviours during route computation.

Patch 2) avoids a couple of race conditions triggered upon fast VLAN
deletion-addition. Such race conditions are pretty dangerous because
they not only create inconsistencies in the TT database of the nodes
in the network, but such scenario is also unrecoverable (unless
nodes are rebooted).


Please pull or let me know of any problem!


Thanks a lot,
	Antonio



The following changes since commit 640d7efe4c08f06c4ae5d31b79bd8740e7f6790a:

  dns_resolver: Null-terminate the right string (2014-07-20 22:33:32 -0700)

are available in the git repository at:

  git://git.open-mesh.org/linux-merge.git tags/batman-adv-fix-for-davem

for you to fetch changes up to 35df3b298fc8779f7edf4b0228c683f7e98edcd5:

  batman-adv: fix TT VLAN inconsistency on VLAN re-add (2014-07-21 09:49:30 +0200)

----------------------------------------------------------------
Included fixes:
- recognise and drop Bridge Loop Avoidance packets even if
  they are encapsulated in the 802.1q header multiple times.
  Forwarding them into the mesh creates issues on other
  nodes.
- properly handle VLAN private objects in order to avoid race
  conditions upon fast VLAN deletion-addition. Such conditions
  create an unrecoverable inconsistency in the TT database of
  the nodes.

----------------------------------------------------------------
Antonio Quartulli (1):
      batman-adv: fix TT VLAN inconsistency on VLAN re-add

Simon Wunderlich (1):
      batman-adv: drop QinQ claim frames in bridge loop avoidance

 net/batman-adv/bridge_loop_avoidance.c | 44 +++++++++++++++++++------
 net/batman-adv/soft-interface.c        | 60 ++++++++++++++++++++++++++--------
 net/batman-adv/translation-table.c     | 26 +++++++++++++++
 net/batman-adv/types.h                 |  2 ++
 4 files changed, 108 insertions(+), 24 deletions(-)
--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ