| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <54941689.7060100@intel.com> Date: Fri, 19 Dec 2014 12:14:01 +0000 From: Hubert Sokolowski <hubert.sokolowski@...el.com> To: netdev@...r.kernel.org CC: ray.kinsella@...el.com Subject: [PATCH net-next v3] net: Do not call ndo_dflt_fdb_dump if ndo_fdb_dump is defined Add checking whether the call to ndo_dflt_fdb_dump is needed. It is not expected to call ndo_dflt_fdb_dump unconditionally by some drivers (i.e. qlcnic or macvlan) that defines own ndo_fdb_dump. Other drivers define own ndo_fdb_dump and don't want ndo_dflt_fdb_dump to be called at all. At the same time it is desirable to call the default dump function on a bridge device. Following tests for filtering have been performed before the change and after the patch was applied to make sure they are the same and it doesn't break the filtering algorithm. [root@...alhost ~]# cd /root/iproute2-3.17.0/bridge [root@...alhost bridge]# modprobe dummy [root@...alhost bridge]# ./bridge fdb add f1:f2:f3:f4:f5:f6 dev dummy0 [root@...alhost bridge]# brctl addbr br0 [root@...alhost bridge]# brctl addif br0 dummy0 [root@...alhost bridge]# ip link set dev br0 address 02:00:00:12:01:04 [root@...alhost bridge]# # show all [root@...alhost bridge]# ./bridge fdb show 33:33:00:00:00:01 dev p2p1 self permanent 01:00:5e:00:00:01 dev p2p1 self permanent 33:33:ff:ac:ce:32 dev p2p1 self permanent 33:33:00:00:02:02 dev p2p1 self permanent 01:00:5e:00:00:fb dev p2p1 self permanent 33:33:00:00:00:01 dev p7p1 self permanent 01:00:5e:00:00:01 dev p7p1 self permanent 33:33:ff:79:50:53 dev p7p1 self permanent 33:33:00:00:02:02 dev p7p1 self permanent 01:00:5e:00:00:fb dev p7p1 self permanent 7e:0c:8b:b1:59:da dev dummy0 master br0 permanent 7e:0c:8b:b1:59:da dev dummy0 vlan 1 master br0 permanent 33:33:00:00:00:01 dev dummy0 self permanent f1:f2:f3:f4:f5:f6 dev dummy0 self permanent 33:33:00:00:00:01 dev br0 self permanent 02:00:00:12:01:04 dev br0 vlan 1 master br0 permanent 02:00:00:12:01:04 dev br0 master br0 permanent [root@...alhost bridge]# # filter by bridge [root@...alhost bridge]# ./bridge fdb show br br0 7e:0c:8b:b1:59:da dev dummy0 master br0 permanent 7e:0c:8b:b1:59:da dev dummy0 vlan 1 master br0 permanent 33:33:00:00:00:01 dev dummy0 self permanent f1:f2:f3:f4:f5:f6 dev dummy0 self permanent 33:33:00:00:00:01 dev br0 self permanent 02:00:00:12:01:04 dev br0 vlan 1 master br0 permanent 02:00:00:12:01:04 dev br0 master br0 permanent [root@...alhost bridge]# # filter by port [root@...alhost bridge]# ./bridge fdb show brport dummy0 7e:0c:8b:b1:59:da master br0 permanent 7e:0c:8b:b1:59:da vlan 1 master br0 permanent 33:33:00:00:00:01 self permanent f1:f2:f3:f4:f5:f6 self permanent [root@...alhost bridge]# # filter by port + bridge [root@...alhost bridge]# ./bridge fdb show br br0 brport dummy0 7e:0c:8b:b1:59:da master br0 permanent 7e:0c:8b:b1:59:da vlan 1 master br0 permanent 33:33:00:00:00:01 self permanent f1:f2:f3:f4:f5:f6 self permanent [root@...alhost bridge]# Also following test was performed to proove it fixes the problem with macvlan driver where dflt_fdb_dump was called twice showing duplicate self entries: [root@...alhost bridge]# modprobe dummy [root@...alhost bridge]# ip li add link dummy0 mac0 type macvlan [root@...alhost bridge]# ./bridge fdb show dev mac0 33:33:00:00:00:01 self permanent [root@...alhost bridge]# Signed-off-by: Hubert Sokolowski <hubert.sokolowski@...el.com> --- net/core/rtnetlink.c | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/net/core/rtnetlink.c b/net/core/rtnetlink.c index d06107d..d32518c 100644 --- a/net/core/rtnetlink.c +++ b/net/core/rtnetlink.c @@ -2693,7 +2693,10 @@ static int rtnl_fdb_dump(struct sk_buff *skb, struct netlink_callback *cb) idx); } - idx = ndo_dflt_fdb_dump(skb, cb, dev, NULL, idx); + if ((dev->priv_flags & IFF_EBRIDGE) || + !(dev->netdev_ops->ndo_fdb_dump)) + idx = ndo_dflt_fdb_dump(skb, cb, dev, NULL, idx); + if (dev->netdev_ops->ndo_fdb_dump) idx = dev->netdev_ops->ndo_fdb_dump(skb, cb, bdev, dev, idx); -- 1.9.3 -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists