lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-Id: <167567401932.11144.3817510754379693271.git-patchwork-notify@kernel.org>
Date:   Mon, 06 Feb 2023 09:00:19 +0000
From:   patchwork-bot+netdevbpf@...nel.org
To:     Petr Machata <petrm@...dia.com>
Cc:     davem@...emloft.net, edumazet@...gle.com, kuba@...nel.org,
        pabeni@...hat.com, roopa@...dia.com, razor@...ckwall.org,
        netdev@...r.kernel.org, bridge@...ts.linux-foundation.org,
        idosch@...dia.com
Subject: Re: [PATCH net-next v3 00/16] bridge: Limit number of MDB entries per
 port, port-vlan

Hello:

This series was applied to netdev/net-next.git (master)
by David S. Miller <davem@...emloft.net>:

On Thu, 2 Feb 2023 18:59:18 +0100 you wrote:
> The MDB maintained by the bridge is limited. When the bridge is configured
> for IGMP / MLD snooping, a buggy or malicious client can easily exhaust its
> capacity. In SW datapath, the capacity is configurable through the
> IFLA_BR_MCAST_HASH_MAX parameter, but ultimately is finite. Obviously a
> similar limit exists in the HW datapath for purposes of offloading.
> 
> In order to prevent the issue of unilateral exhaustion of MDB resources,
> introduce two parameters in each of two contexts:
> 
> [...]

Here is the summary with links:
  - [net-next,v3,01/16] net: bridge: Set strict_start_type at two policies
    https://git.kernel.org/netdev/net-next/c/c00041cf1cb8
  - [net-next,v3,02/16] net: bridge: Add extack to br_multicast_new_port_group()
    https://git.kernel.org/netdev/net-next/c/60977a0c6337
  - [net-next,v3,03/16] net: bridge: Move extack-setting to br_multicast_new_port_group()
    https://git.kernel.org/netdev/net-next/c/1c85b80b20a1
  - [net-next,v3,04/16] net: bridge: Add br_multicast_del_port_group()
    https://git.kernel.org/netdev/net-next/c/976b3858dd14
  - [net-next,v3,05/16] net: bridge: Change a cleanup in br_multicast_new_port_group() to goto
    https://git.kernel.org/netdev/net-next/c/eceb30854f6b
  - [net-next,v3,06/16] net: bridge: Add a tracepoint for MDB overflows
    https://git.kernel.org/netdev/net-next/c/d47230a3480a
  - [net-next,v3,07/16] net: bridge: Maintain number of MDB entries in net_bridge_mcast_port
    https://git.kernel.org/netdev/net-next/c/b57e8d870d52
  - [net-next,v3,08/16] net: bridge: Add netlink knobs for number / maximum MDB entries
    https://git.kernel.org/netdev/net-next/c/a1aee20d5db2
  - [net-next,v3,09/16] selftests: forwarding: Move IGMP- and MLD-related functions to lib
    https://git.kernel.org/netdev/net-next/c/344dd2c9e743
  - [net-next,v3,10/16] selftests: forwarding: bridge_mdb: Fix a typo
    https://git.kernel.org/netdev/net-next/c/f7ccf60c4ada
  - [net-next,v3,11/16] selftests: forwarding: lib: Add helpers for IP address handling
    https://git.kernel.org/netdev/net-next/c/fcf4927632ee
  - [net-next,v3,12/16] selftests: forwarding: lib: Add helpers for checksum handling
    https://git.kernel.org/netdev/net-next/c/952e0ee38c72
  - [net-next,v3,13/16] selftests: forwarding: lib: Parameterize IGMPv3/MLDv2 generation
    https://git.kernel.org/netdev/net-next/c/506a1ac9d32b
  - [net-next,v3,14/16] selftests: forwarding: lib: Allow list of IPs for IGMPv3/MLDv2
    https://git.kernel.org/netdev/net-next/c/705d4bc7b6b6
  - [net-next,v3,15/16] selftests: forwarding: lib: Add helpers to build IGMP/MLD leave packets
    https://git.kernel.org/netdev/net-next/c/9ae854697317
  - [net-next,v3,16/16] selftests: forwarding: bridge_mdb_max: Add a new selftest
    https://git.kernel.org/netdev/net-next/c/3446dcd7df05

You are awesome, thank you!
-- 
Deet-doot-dot, I am a bot.
https://korg.docs.kernel.org/patchwork/pwbot.html


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ