| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 06 Feb 2023 09:00:19 +0000
From: patchwork-bot+netdevbpf@...nel.org
To: Petr Machata <petrm@...dia.com>
Cc: davem@...emloft.net, edumazet@...gle.com, kuba@...nel.org,
pabeni@...hat.com, roopa@...dia.com, razor@...ckwall.org,
netdev@...r.kernel.org, bridge@...ts.linux-foundation.org,
idosch@...dia.com
Subject: Re: [PATCH net-next v3 00/16] bridge: Limit number of MDB entries per
port, port-vlan
Hello:
This series was applied to netdev/net-next.git (master)
by David S. Miller <davem@...emloft.net>:
On Thu, 2 Feb 2023 18:59:18 +0100 you wrote:
> The MDB maintained by the bridge is limited. When the bridge is configured
> for IGMP / MLD snooping, a buggy or malicious client can easily exhaust its
> capacity. In SW datapath, the capacity is configurable through the
> IFLA_BR_MCAST_HASH_MAX parameter, but ultimately is finite. Obviously a
> similar limit exists in the HW datapath for purposes of offloading.
>
> In order to prevent the issue of unilateral exhaustion of MDB resources,
> introduce two parameters in each of two contexts:
>
> [...]
Here is the summary with links:
- [net-next,v3,01/16] net: bridge: Set strict_start_type at two policies
https://git.kernel.org/netdev/net-next/c/c00041cf1cb8
- [net-next,v3,02/16] net: bridge: Add extack to br_multicast_new_port_group()
https://git.kernel.org/netdev/net-next/c/60977a0c6337
- [net-next,v3,03/16] net: bridge: Move extack-setting to br_multicast_new_port_group()
https://git.kernel.org/netdev/net-next/c/1c85b80b20a1
- [net-next,v3,04/16] net: bridge: Add br_multicast_del_port_group()
https://git.kernel.org/netdev/net-next/c/976b3858dd14
- [net-next,v3,05/16] net: bridge: Change a cleanup in br_multicast_new_port_group() to goto
https://git.kernel.org/netdev/net-next/c/eceb30854f6b
- [net-next,v3,06/16] net: bridge: Add a tracepoint for MDB overflows
https://git.kernel.org/netdev/net-next/c/d47230a3480a
- [net-next,v3,07/16] net: bridge: Maintain number of MDB entries in net_bridge_mcast_port
https://git.kernel.org/netdev/net-next/c/b57e8d870d52
- [net-next,v3,08/16] net: bridge: Add netlink knobs for number / maximum MDB entries
https://git.kernel.org/netdev/net-next/c/a1aee20d5db2
- [net-next,v3,09/16] selftests: forwarding: Move IGMP- and MLD-related functions to lib
https://git.kernel.org/netdev/net-next/c/344dd2c9e743
- [net-next,v3,10/16] selftests: forwarding: bridge_mdb: Fix a typo
https://git.kernel.org/netdev/net-next/c/f7ccf60c4ada
- [net-next,v3,11/16] selftests: forwarding: lib: Add helpers for IP address handling
https://git.kernel.org/netdev/net-next/c/fcf4927632ee
- [net-next,v3,12/16] selftests: forwarding: lib: Add helpers for checksum handling
https://git.kernel.org/netdev/net-next/c/952e0ee38c72
- [net-next,v3,13/16] selftests: forwarding: lib: Parameterize IGMPv3/MLDv2 generation
https://git.kernel.org/netdev/net-next/c/506a1ac9d32b
- [net-next,v3,14/16] selftests: forwarding: lib: Allow list of IPs for IGMPv3/MLDv2
https://git.kernel.org/netdev/net-next/c/705d4bc7b6b6
- [net-next,v3,15/16] selftests: forwarding: lib: Add helpers to build IGMP/MLD leave packets
https://git.kernel.org/netdev/net-next/c/9ae854697317
- [net-next,v3,16/16] selftests: forwarding: bridge_mdb_max: Add a new selftest
https://git.kernel.org/netdev/net-next/c/3446dcd7df05
You are awesome, thank you!
--
Deet-doot-dot, I am a bot.
https://korg.docs.kernel.org/patchwork/pwbot.html
Powered by blists - more mailing lists