lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-Id: <20180819010739.26975-1-slapdau@gmail.com>
Date:   Sun, 19 Aug 2018 13:07:38 +1200
From:   Craig McGeachie <slapdau@...il.com>
To:     "David S. Miller" <davem@...emloft.net>, netdev@...r.kernel.org
Cc:     Craig McGeachie <slapdau@...il.com>,
        Craig McGeachie <slapdau@...oo.com.au>
Subject: [RFC 0/1] Appletalk AARP probe broken by receipt of own broadcasts.

I'm hoping I can find someone able and willing to test this patch. That
requires someone still using netatalk 2.2.x with DDP, or some other DDP
userspace application. This feels like a longshot.

When netatalk 2.2.x starts up with DDP and sets the Appletalk node
address, the kernel AARP code sends a probe packet for the address. It
then receives its own probe packet and interprets that as some other
node also trying to claim the address. It increments the address, tries
again, and fails again ad nausium. Eventually the kernel module gives up
and returns to netatalk which terminates with an error that it cannot
get a node address.

Well, most of the time. There seems to be some sort of race condition
where occasionally a self collision won't happen. Restart netatalk
enough times and it will probably work.

The device Ethernet MAC address is copied into the AARP packet, so the
fix is to disregard all received packets that have a sender address that
matches the device hardware address. This is more than just probe
packets, but there is no legitimate situation where an Appletalk node
sends AARP packets to itself.

Craig McGeachie (1):
  appletalk: ignore aarp probe broadcasts that loopback.

 net/appletalk/aarp.c | 4 ++++
 1 file changed, 4 insertions(+)

-- 
2.17.1

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ