lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-Id: <20150228.144949.451713735699145008.davem@davemloft.net>
Date:	Sat, 28 Feb 2015 14:49:49 -0500 (EST)
From:	David Miller <davem@...emloft.net>
To:	george.mccollister@...il.com
Cc:	netdev@...r.kernel.org, mugunthanvnm@...com, balbi@...com,
	lsorense@...lub.uwaterloo.ca, tony@...mide.com, mpa@...gutronix.de,
	jhovold@...il.com, george.cherian@...com, tklauser@...tanz.ch
Subject: Re: [PATCH net] drivers: net: cpsw: Set SECURE for dual_emac ucast

From: George McCollister <george.mccollister@...il.com>
Date: Thu, 26 Feb 2015 15:19:30 -0600

> Prior to this patch, sending a packet with the source MAC address of one
> of the CPSW interfaces to one of the CPSW slave ports while it's configured in
> dual_emac mode would update the port_num field of the VLAN/Unicast Address
> Table Entry. This would cause it to discard all incoming traffic addressed to
> that MAC address, essentially rendering the port useless until the ALE table is
> cleared (by starting and stopping the interface or rebooting.)
> 
> For example, if eth0 has a MAC address of 90:59:af:8f:43:e9 it will have
> an ALE table entry:
> 
> 00 00 00 00 59 90 02 30 e9 43 8f af
> (VLAN Addr vlan_id=2 unicast type=0 port_num=0 addr=90:59:af:8f:43:e9)
> 
> If you configure another device with the same MAC address and connect it
> to the first CPSW slave port and send some traffic the ALE table entry
> becomes:
> 
> 04 00 00 00 59 90 02 30 e9 43 8f af
> (VLAN Addr vlan_id=2 unicast type=0 port_num=1 addr=90:59:af:8f:43:e9)
> 
> From this point forward all incoming traffic addressed to
> 90:59:af:8f:43:e9 will be dropped.
> 
> Setting the SECURE bit for the VLAN/Unicast address table entry for each
> interface's MAC address corrects the problem.
> 
> Signed-off-by: George McCollister <george.mccollister@...il.com>

Applied, thanks.
--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ