lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <02874ECE860811409154E81DA85FBB5882ADA84E@ORSMSX115.amr.corp.intel.com>
Date:   Thu, 2 Nov 2017 22:10:20 +0000
From:   "Keller, Jacob E" <jacob.e.keller@...el.com>
To:     Toshiaki Makita <makita.toshiaki@....ntt.co.jp>,
        "netdev@...r.kernel.org" <netdev@...r.kernel.org>
CC:     "vyasevic@...hat.com" <vyasevic@...hat.com>,
        "Malek, Patryk" <patryk.malek@...el.com>
Subject: RE: removing bridge in vlan_filtering mode requests delete of
 attached ports main MAC address

> -----Original Message-----
> From: netdev-owner@...r.kernel.org [mailto:netdev-owner@...r.kernel.org]
> On Behalf Of Toshiaki Makita
> Sent: Thursday, November 02, 2017 2:23 AM
> To: Keller, Jacob E <jacob.e.keller@...el.com>; netdev@...r.kernel.org
> Cc: vyasevic@...hat.com; Malek, Patryk <patryk.malek@...el.com>
> Subject: Re: removing bridge in vlan_filtering mode requests delete of attached
> ports main MAC address
> 
> On 2017/11/02 7:25, Keller, Jacob E wrote:
> ...
> >> If we skip adding them, we cannot receive frames which should be
> >> received on the bridge device during non-promiscuous mode.
> >>
> >> --
> >> Toshiaki Makita
> >
> > This makes sense, but then what removes the addresses upon bridge deletion
> or exiting static mode?
> >
> > We want to make sure we remove the correct addresses but don't request a
> delete of the permanent MAC address? Or, do we just completely assume that a
> device will never actually delete it's own permanent address, and thus say this is
> a driver's fault for allowing a delete request of its permanent address to do
> anything..?
> 
> We may be able to skip adding or deleting local address which is
> identical to dev_addr in bridge code.
> Having said that I feel like drivers should ensure not to remove their
> permanent address even when the same address is removed from the uc
> list, since currently it is not prohibited to do that kind of admin
> operation through bridge command (bridge fdb add|del self).
> Note that "bridge fdb ... self" is a command which modifies device's uc
> filter, not modify bridge's fdb entries.
> 
> --
> Toshiaki Makita	

Ok. I'll go ahead and cook a patch for preventing such a removal from deleting the permanent address from i40e. That sounds like the most reasonable approach given that from digging into other drivers, they don't store the permanent address in the regular UC table anyways.

Thanks,
Jake

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ