| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <CAF2d9jgFEn2POF0L-ZXAwgtC_mqbni8ir9zT7EvrbxLd6CSQpg@mail.gmail.com>
Date: Mon, 16 Jul 2018 16:53:42 -0700
From: Mahesh Bandewar (महेश बंडेवार)
<maheshb@...gle.com>
To: Jay Vosburgh <jay.vosburgh@...onical.com>
Cc: Mahesh Bandewar <mahesh@...dewar.net>,
Andy Gospodarek <andy@...yhouse.net>,
Veaceslav Falico <vfalico@...il.com>,
David Miller <davem@...emloft.net>,
Netdev <netdev@...r.kernel.org>, Michal Soltys <soltys@....info>
Subject: Re: [PATCH next] bonding: pass link-local packets to bonding master also.
On Mon, Jul 16, 2018 at 2:24 PM, Jay Vosburgh
<jay.vosburgh@...onical.com> wrote:
> Mahesh Bandewar <mahesh@...dewar.net> wrote:
>
>>From: Mahesh Bandewar <maheshb@...gle.com>
>>
>>Commit b89f04c61efe ("bonding: deliver link-local packets with
>>skb->dev set to link that packets arrived on") changed the behavior
>>of how link-local-multicast packets are processed. The change in
>>the behavior broke some legacy use cases where these packets are
>>expected to arrive on bonding master device also.
>>
>>This patch passes the packet to the stack with the link it arrived
>>on as well as passes to the bonding-master device to preserve the
>>legacy use case.
>
> Michal, can you test this? I'm travelling this week and won't
> be able to run the patch.
>
> Mahesh, will this confuse LLDP, et al, daemons that, e.g., bind
> to every possible interface and now see the same LLDP PDU (identical
> Chassis ID, Port ID, et al, TLVs) on multiple interfaces?
>
Well it's hard to say. In the previous world when these packets used
to appear only on bonding-master, that service had to go extra-lengths
to figure it out which link it actually came on in. With the earlier
change (SHA1: b89f04c61efe) it didn't have to but with this patch, the
best thing that they could do is just ignore those packets coming from
(any) virtual devices. The only reason why I'm OK with this change is
because L2 of a physical link is shared with a virtual link (bonding
master) and hence both links receiving the same link-local-multicast
seems acceptable. Making them appear only on bonding-master is just
wrong while correcting that behavior breaks the legacy use case and
here we are.
BTW when links are aggregated and using LACP, these packets don't
arrive the system-mac but the real mac of the sender with a dest
multicast-mac.
--mahesh..
> Thanks,
>
> -J
>
>>Reported-by: Michal Soltys <soltys@....info>
>>Signed-off-by: Mahesh Bandewar <maheshb@...gle.com>
>>---
>> drivers/net/bonding/bond_main.c | 17 +++++++++++++++--
>> 1 file changed, 15 insertions(+), 2 deletions(-)
>>
>>diff --git a/drivers/net/bonding/bond_main.c b/drivers/net/bonding/bond_main.c
>>index 9a2ea3c1f949..1d3b7d8448f2 100644
>>--- a/drivers/net/bonding/bond_main.c
>>+++ b/drivers/net/bonding/bond_main.c
>>@@ -1177,9 +1177,22 @@ static rx_handler_result_t bond_handle_frame(struct sk_buff **pskb)
>> }
>> }
>>
>>- /* don't change skb->dev for link-local packets */
>>- if (is_link_local_ether_addr(eth_hdr(skb)->h_dest))
>>+ /* Link-local multicast packets should be passed to the
>>+ * stack on the link they arrive as well as pass them to the
>>+ * bond-master device. These packets are mostly usable when
>>+ * stack receives it with the link on which they arrive
>>+ * (e.g. LLDP) but there may be some legacy behavior that
>>+ * expects these packets to appear on bonding master too.
>>+ */
>>+ if (is_link_local_ether_addr(eth_hdr(skb)->h_dest)) {
>>+ struct sk_buff *nskb = skb_clone(skb, GFP_ATOMIC);
>>+
>>+ if (nskb) {
>>+ nskb->dev = bond->dev;
>>+ netif_rx(nskb);
>>+ }
>> return RX_HANDLER_PASS;
>>+ }
>> if (bond_should_deliver_exact_match(skb, slave, bond))
>> return RX_HANDLER_EXACT;
>>
>>--
>>2.18.0.203.gfac676dfb9-goog
>
> ---
> -Jay Vosburgh, jay.vosburgh@...onical.com
Powered by blists - more mailing lists