lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:   Mon, 18 Feb 2019 18:51:20 -0700
From:   David Ahern <dsahern@...il.com>
To:     Michal Soltys <soltys@....info>, David Miller <davem@...emloft.net>
Cc:     Maciej ┼╗enczykowski <zenczykowski@...il.com>,
        Jay Vosburgh <jay.vosburgh@...onical.com>,
        Vincent Bernat <vincent@...nat.ch>,
        Mahesh Bandewar <maheshb@...gle.com>,
        Chonggang Li <chonggangli@...gle.com>,
        Linux NetDev <netdev@...r.kernel.org>
Subject: Re: [PATCH v2] bonding: fix PACKET_ORIGDEV regression

On 2/18/19 9:55 AM, Michal Soltys wrote:
> This patch fixes a subtle PACKET_ORIGDEV regression which was a side
> effect of fixes introduced by:
> 
> 6a9e461f6fe4 bonding: pass link-local packets to bonding master also.
> 
> ... to:
> 
> b89f04c61efe bonding: deliver link-local packets with skb->dev set to link that packets arrived on
> 
> While 6a9e461f6fe4 restored pre-b89f04c61efe presence of link-local
> packets on bonding masters (which is required e.g. by linux bridges
> participating in spanning tree or needed for lab-like setups created
> with group_fwd_mask) it also caused the originating device
> information to be lost due to cloning.
> 
> Maciej ┼╗enczykowski proposed another solution that doesn't require
> packet cloning and retains original device information - instead of
> returning RX_HANDLER_PASS for all link-local packets it's now limited
> only to packets from inactive slaves.
> 
> At the same time, packets passed to bonding masters retain correct
> information about the originating device and PACKET_ORIGDEV can be used
> to determine it.
> 
> This elegantly solves all issues so far:
> 
> - link-local packets that were removed from bonding masters
> - LLDP daemons being forced to explicitly bind to slave interfaces
> - PACKET_ORIGDEV having no effect on bond interfaces
> 
> Fixes: 6a9e461f6fe4 (bonding: pass link-local packets to bonding master also.)
> Reported-by: Vincent Bernat <vincent@...nat.ch>
> Signed-off-by: Michal Soltys <soltys@....info>
> ---
>  drivers/net/bonding/bond_main.c | 35 +++++++++++++--------------------
>  1 file changed, 14 insertions(+), 21 deletions(-)
> 

Hi Michal:

Can you add test cases that shows the expectations of this API? Given
the back and forth on the last set of patches -- and the impacts to
lldpd users for example -- we really need test cases added to selftests.

Powered by blists - more mailing lists