| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 21 Jan 2022 14:38:03 +0800
From: 孙守鑫 <sunshouxin@...natelecom.cn>
To: Jay Vosburgh <jay.vosburgh@...onical.com>
Cc: vfalico@...il.com, andy@...yhouse.net, davem@...emloft.net,
kuba@...nel.org, netdev@...r.kernel.org,
linux-kernel@...r.kernel.org, huyd12@...natelecom.cn
Subject: Re: [PATCH v6] net: bonding: Add support for IPV6 ns/na to
balance-alb/balance-tlb mode
在 2022/1/21 14:25, Jay Vosburgh 写道:
> Sun Shouxin <sunshouxin@...natelecom.cn> wrote:
>
>> Since ipv6 neighbor solicitation and advertisement messages
>> isn't handled gracefully in bonding6 driver, we can see packet
>> drop due to inconsistency bewteen mac address in the option
>> message and source MAC .
>>
>> Another examples is ipv6 neighbor solicitation and advertisement
>> messages from VM via tap attached to host brighe, the src mac
>> mighe be changed through balance-alb mode, but it is not synced
>> with Link-layer address in the option message.
>>
>> The patch implements bond6's tx handle for ipv6 neighbor
>> solicitation and advertisement messages.
> As previously discussed, this looks reasonable to me to resolve
> the described MAC discrepancy. One minor nit is a couple of misspelled
> words in the description above, "brighe" and "mighe."
>
> Acked-by: Jay Vosburgh <jay.vosburgh@...onical.com>
>
> -J
Thanks your comment, I'll adjust it and send out V7 soon.
>
>> Suggested-by: Hu Yadi <huyd12@...natelecom.cn>
>> Reported-by: kernel test robot <lkp@...el.com>
>> Signed-off-by: Sun Shouxin <sunshouxin@...natelecom.cn>
>> ---
>> drivers/net/bonding/bond_alb.c | 36 ++++++++++++++++++++++++++++++++++
>> 1 file changed, 36 insertions(+)
>>
>> diff --git a/drivers/net/bonding/bond_alb.c b/drivers/net/bonding/bond_alb.c
>> index 533e476988f2..82b7071840b1 100644
>> --- a/drivers/net/bonding/bond_alb.c
>> +++ b/drivers/net/bonding/bond_alb.c
>> @@ -1269,6 +1269,34 @@ static int alb_set_mac_address(struct bonding *bond, void *addr)
>> return res;
>> }
>>
>> +/*determine if the packet is NA or NS*/
>> +static bool __alb_determine_nd(struct icmp6hdr *hdr)
>> +{
>> + if (hdr->icmp6_type == NDISC_NEIGHBOUR_ADVERTISEMENT ||
>> + hdr->icmp6_type == NDISC_NEIGHBOUR_SOLICITATION) {
>> + return true;
>> + }
>> +
>> + return false;
>> +}
>> +
>> +static bool alb_determine_nd(struct sk_buff *skb, struct bonding *bond)
>> +{
>> + struct ipv6hdr *ip6hdr;
>> + struct icmp6hdr *hdr;
>> +
>> + if (skb->protocol == htons(ETH_P_IPV6)) {
>> + ip6hdr = ipv6_hdr(skb);
>> + if (ip6hdr->nexthdr == IPPROTO_ICMPV6) {
>> + hdr = icmp6_hdr(skb);
>> + if (__alb_determine_nd(hdr))
>> + return true;
>> + }
>> + }
>> +
>> + return false;
>> +}
>> +
>> /************************ exported alb functions ************************/
>>
>> int bond_alb_initialize(struct bonding *bond, int rlb_enabled)
>> @@ -1350,6 +1378,9 @@ struct slave *bond_xmit_tlb_slave_get(struct bonding *bond,
>> switch (skb->protocol) {
>> case htons(ETH_P_IP):
>> case htons(ETH_P_IPV6):
>> + if (alb_determine_nd(skb, bond))
>> + break;
>> +
>> hash_index = bond_xmit_hash(bond, skb);
>> if (bond->params.tlb_dynamic_lb) {
>> tx_slave = tlb_choose_channel(bond,
>> @@ -1446,6 +1477,11 @@ struct slave *bond_xmit_alb_slave_get(struct bonding *bond,
>> break;
>> }
>>
>> + if (alb_determine_nd(skb, bond)) {
>> + do_tx_balance = false;
>> + break;
>> + }
>> +
>> hash_start = (char *)&ip6hdr->daddr;
>> hash_size = sizeof(ip6hdr->daddr);
>> break;
>>
>> base-commit: 79e06c4c4950be2abd8ca5d2428a8c915aa62c24
>> --
>> 2.27.0
>>
> ---
> -Jay Vosburgh, jay.vosburgh@...onical.com
Powered by blists - more mailing lists