lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Sat, 06 Mar 2021 19:17:09 +0100
From:   Tobias Waldekranz <tobias@...dekranz.com>
To:     Vladimir Oltean <olteanv@...il.com>
Cc:     davem@...emloft.net, kuba@...nel.org, andrew@...n.ch,
        vivien.didelot@...il.com, f.fainelli@...il.com,
        netdev@...r.kernel.org
Subject: Re: [PATCH net 2/2] net: dsa: Always react to global bridge attribute changes

On Sat, Mar 06, 2021 at 16:04, Vladimir Oltean <olteanv@...il.com> wrote:
> On Sat, Mar 06, 2021 at 04:00:33PM +0200, Vladimir Oltean wrote:
>> Hi Tobias,
>>
>> On Sat, Mar 06, 2021 at 01:24:55AM +0100, Tobias Waldekranz wrote:
>> > This is the second attempt to provide a fix for the issue described in
>> > 99b8202b179f, which was reverted in the previous commit.
>> >
>> > When a change is made to some global bridge attribute, such as VLAN
>> > filtering, accept events where orig_dev is the bridge master netdev.
>> >
>> > Separate the validation of orig_dev based on whether the attribute in
>> > question is global or per-port.
>> >
>> > Fixes: 5696c8aedfcc ("net: dsa: Don't offload port attributes on standalone ports")
>> > Signed-off-by: Tobias Waldekranz <tobias@...dekranz.com>
>> > ---
>>
>> What do you think about this alternative?
>
> Ah, wait, this won't work when offloading objects/attributes on a LAG.
> Let me actually test your patch.

Right. But you made me realize that my v1 is also flawed, because it
does not guard against trying to apply attributes to non-offloaded
ports. ...the original issue :facepalm:

I have a version ready which reuses the exact predicate that you
previously added to dsa_port_offloads_netdev:

-               if (netif_is_bridge_master(attr->orig_dev))
+               if (dp->bridge_dev == attr->orig_dev)

Do you think anything else needs to be changed, or should I send that as
v2?

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ