lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date:	Thu, 23 Jun 2016 20:42:42 +0200
From:	Linus Lüssing <linus.luessing@...3.blue>
To:	daniel <daniel@...wrt.com>
Cc:	netdev@...r.kernel.org, bridge@...ts.linux-foundation.org,
	Ulrich Weber <ulrich.weber@...hos.com>,
	Stephen Hemminger <stephen@...workplumber.org>,
	"David S. Miller" <davem@...emloft.net>
Subject: Re: [PATCH] Bridge: Fix ipv6 mc snooping if it has no ipv6 address.

Hi Daniel,

Thanks for submitting this patch here :).


On Thu, Jun 23, 2016 at 11:28:55AM +0200, daniel wrote:
> The bridge is falsly dropping ipv6 mulitcast packets
> if there is no ipv6 address assigned on the brigde and no
> external mld querier is present.

and if the bridge internal querier is enabled (usually disabled
by default in the bridge code, but enabled by default in OpenWRT
for instance).

> 
> When the bridge fails to build mld queries, because it has no
> ipv6 address, it silently returns, but keeps the local querier enabled.
> (br_multicast.c:832)

Not sure whether David or others like line numbers in commit messages, as
they can change over time.

> 
> Ipv6 multicast snooping can only work if:
>  a) an external querier is present

maybe clarify that this is an OR, not AND?


I think you can add a [PATCH net] tag, as it seems small
enough for stable kernels and fixes a potential, confusing packet
loss case.

Also maybe add a:
--
Fixes: 1d81d4c3dd88 ("bridge: check return value of ipv6_dev_get_saddr()")
--

Regards, Linus


PS: Does not seem to apply for me on either David's net branch or
Torvald's master branch.

"fatal: patch fragment without header at line 7: @@ -599,10
+612,12 @@ static inline bool"

Try using "git format-patch" and "git send-email" instead. Also
check ./scripts/get_maintainer.pl for a few more email addresses
to add.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ