Date:   Mon, 23 Mar 2020 10:23:15 -0600
From:   David Ahern <dsahern@...il.com>
To:     Sukumar Gopalakrishnan <sukumarg1973@...il.com>,
        Sasha Levin <sashal@...nel.org>
Cc:     netdev@...r.kernel.org
Subject: Re: VRF: All router multicast entry(FF02:2) not added to VRF Dev but
 added on VLAN Dev

On 3/23/20 12:00 AM, Sukumar Gopalakrishnan wrote:
> As per the kernel version 4.14.170, skb->dev is changing to vrf_dev even
> if need_strict is TRUE, except for a few types of ndisc packets.
> 
> static struct sk_buff *vrf_ip6_rcv(struct net_device *vrf_dev,
>                                    struct sk_buff *skb)
> {
>         int orig_iif = skb->skb_iif;
>         bool need_strict = rt6_need_strict(&ipv6_hdr(skb)->daddr);
>         bool is_ndisc = ipv6_ndisc_frame(skb);
> 
>         /* loopback, multicast & non-ND link-local traffic; do not push through
>          * packet taps again. Reset pkt_type for upper layers to process skb
>          */
>         if (skb->pkt_type == PACKET_LOOPBACK || (need_strict && !is_ndisc)) {
>                 skb->dev = vrf_dev;
>                 skb->skb_iif = vrf_dev->ifindex;
>                 IP6CB(skb)->flags |= IP6SKB_L3SLAVE;
>                 if (skb->pkt_type == PACKET_LOOPBACK)
>                         skb->pkt_type = PACKET_HOST;
>                 goto out;
>         }
> 

This 4.14 patch needs to be reverted:

commit 2271c9500434af2a26b2c9eadeb3c0b075409fb5
Author: Mike Manning <mmanning@...tta.att-mail.com>
Date:   Wed Nov 7 15:36:07 2018 +0000

    vrf: mark skb for multicast or link-local as enslaved to VRF

    [ Upstream commit 6f12fa775530195a501fb090d092c637f32d0cc5 ]


The upstream commit should not have been backported.

Sasha: can you revert?
