lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <887be2d4-2684-3011-bf21-494f2ec6cb17@lab.ntt.co.jp>
Date:   Thu, 2 Nov 2017 18:22:53 +0900
From:   Toshiaki Makita <makita.toshiaki@....ntt.co.jp>
To:     "Keller, Jacob E" <jacob.e.keller@...el.com>,
        "netdev@...r.kernel.org" <netdev@...r.kernel.org>
Cc:     "vyasevic@...hat.com" <vyasevic@...hat.com>,
        "Malek, Patryk" <patryk.malek@...el.com>
Subject: Re: removing bridge in vlan_filtering mode requests delete of
 attached ports main MAC address

On 2017/11/02 7:25, Keller, Jacob E wrote:
...
>> If we skip adding them, we cannot receive frames which should be
>> received on the bridge device during non-promiscuous mode.
>>
>> --
>> Toshiaki Makita
> 
> This makes sense, but then what removes the addresses upon bridge deletion or exiting static mode?
> 
> We want to make sure we remove the correct addresses but don't request a delete of the permanent MAC address? Or, do we just completely assume that a device will never actually delete it's own permanent address, and thus say this is a driver's fault for allowing a delete request of its permanent address to do anything..?

We may be able to skip adding or deleting local address which is
identical to dev_addr in bridge code.
Having said that I feel like drivers should ensure not to remove their
permanent address even when the same address is removed from the uc
list, since currently it is not prohibited to do that kind of admin
operation through bridge command (bridge fdb add|del self).
Note that "bridge fdb ... self" is a command which modifies device's uc
filter, not modify bridge's fdb entries.

-- 
Toshiaki Makita

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ