lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Sat, 5 Dec 2020 13:49:51 -0800 From: Jakub Kicinski <kuba@...nel.org> To: Stephen Suryaputra <ssuryaextr@...il.com> Cc: David Ahern <dsahern@...il.com>, netdev@...r.kernel.org Subject: Re: [PATCH net] vrf: packets with lladdr src needs dst at input with orig_iif when needs strict On Fri, 4 Dec 2020 19:22:27 -0500 Stephen Suryaputra wrote: > On Fri, Dec 04, 2020 at 03:37:48PM -0800, Jakub Kicinski wrote: > > On Fri, 4 Dec 2020 09:32:04 -0700 David Ahern wrote: > > > On 12/3/20 8:06 PM, Stephen Suryaputra wrote: > > > > Depending on the order of the routes to fe80::/64 are installed on the > > > > VRF table, the NS for the source link-local address of the originator > > > > might be sent to the wrong interface. > > > > > > > > This patch ensures that packets with link-local addr source is doing a > > > > lookup with the orig_iif when the destination addr indicates that it > > > > is strict. > > > > > > > > Add the reproducer as a use case in self test script fcnal-test.sh. > > > > > > > > Signed-off-by: Stephen Suryaputra <ssuryaextr@...il.com> > > > > --- > > > > drivers/net/vrf.c | 10 ++- > > > > tools/testing/selftests/net/fcnal-test.sh | 95 +++++++++++++++++++++++ > > > > 2 files changed, 103 insertions(+), 2 deletions(-) > > > > > > Reviewed-by: David Ahern <dsahern@...nel.org> > > > > Should I put something like: > > > > Fixes: b4869aa2f881 ("net: vrf: ipv6 support for local traffic to local addresses") > > > > on this? > > I was conflicted when I was about to put Fixes tag on this patch because > it could either be b4869aa2f881 that you mentioned above, or 6f12fa7755301 > ("vrf: mark skb for multicast or link-local as enslaved to VRF"). So, I > decided not to put it, but may be I should so that this is qualified to > be queued to stable? Yeah, probably doesn't matter that much in practice. Either one would work, since the patch won't apply without 6f12fa7755301. I added the one I mentioned and applied to net. Thanks!
Powered by blists - more mailing lists