| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <20200803.155835.1186341109955245993.davem@davemloft.net>
Date: Mon, 03 Aug 2020 15:58:35 -0700 (PDT)
From: David Miller <davem@...emloft.net>
To: nikolay@...ulusnetworks.com
Cc: netdev@...r.kernel.org, roopa@...ulusnetworks.com,
bridge@...ts.linux-foundation.org, dsahern@...il.com
Subject: Re: [PATCH net v2] net: bridge: clear skb private space on bridge
dev xmit
From: Nikolay Aleksandrov <nikolay@...ulusnetworks.com>
Date: Sun, 2 Aug 2020 15:50:39 +0300
> We need to clear all of the bridge private skb variables as they can be
> stale due to the packet having skb->cb initialized earlier and then
> transmitted through the bridge device. Similar memset is already done on
> bridge's input. We've seen cases where proxyarp_replied was 1 on routed
> multicast packets transmitted through the bridge to ports with neigh
> suppress and were getting dropped. Same thing can in theory happen with the
> port isolation bit as well. We clear only the struct part after the bridge
> pointer (currently 8 bytes) since the pointer is always set later.
> We can now remove the redundant zeroing of frag_max_size.
> Also add a BUILD_BUG_ON to make sure we catch any movement of the bridge
> dev pointer.
>
> Fixes: 821f1b21cabb ("bridge: add new BR_NEIGH_SUPPRESS port flag to suppress arp and nd flood")
> Signed-off-by: Nikolay Aleksandrov <nikolay@...ulusnetworks.com>
Nikolay, I applied v1 already as I'm not at all against the full clear.
Powered by blists - more mailing lists