| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 03 Sep 2014 14:01:22 +0200 From: Hannes Frederic Sowa <hannes@...essinduktion.org> To: David Miller <davem@...emloft.net> Cc: hideaki.yoshifuji@...aclelinux.com, johannes@...solutions.net, linux-wireless@...r.kernel.org, netdev@...r.kernel.org, yoshfuji@...ux-ipv6.org Subject: Re: [RFC] net: ipv4: drop unicast encapsulated in L2 multicast On Di, 2014-09-02 at 15:03 -0700, David Miller wrote: > From: YOSHIFUJI Hideaki <hideaki.yoshifuji@...aclelinux.com> > Date: Wed, 03 Sep 2014 10:59:14 +0900 > > > Upper-layer needs to cope eith situation of seeing packets with > > "incorrect" L2 header anyway (e.g., in promiscous mode). > > I do not see much advantage to drop them here. > > It's required to prevent wireless nodes from using the shared wireless > group keys (used for multicast transmission) to inject unicast frames. > > The RFCs really do specify this at least on the ipv4 side. I have to agree with YOSHIFUJI Hideaki here. I looked at a lot of RFCs and haven't found anything were it states to use L2 address type for checks in L3 ipv6 addresses. For IPv4 addresses the situation is clear though... There was an RFC update (6085) which specifically allows one to send ipv6 multicast frames with unicast L2 addresses. In the dicussion that lead to this RFC it was stated that checking L2 and L3 addresses seems to be a layering violation, but I can just use this as a hint. Bye, Hannes -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists