lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <aef7b9ca-a351-de95-6c50-565f8678066e@redhat.com>
Date:   Thu, 30 Mar 2023 12:46:14 -0400
From:   Jonathan Toppins <jtoppins@...hat.com>
To:     Hangbin Liu <liuhangbin@...il.com>, netdev@...r.kernel.org
Cc:     Jay Vosburgh <j.vosburgh@...il.com>,
        "David S . Miller" <davem@...emloft.net>,
        Jakub Kicinski <kuba@...nel.org>,
        Paolo Abeni <pabeni@...hat.com>,
        Eric Dumazet <edumazet@...gle.com>, Liang Li <liali@...hat.com>
Subject: Re: [PATCH net 1/3] bonding: fix ns validation on backup slaves

On 3/29/23 06:18, Hangbin Liu wrote:
> When arp_validate is set to 2, 3, or 6, validation is performed for
> backup slaves as well. As stated in the bond documentation, validation
> involves checking the broadcast ARP request sent out via the active
> slave. This helps determine which slaves are more likely to function in
> the event of an active slave failure.
> 
> However, when the target is an IPv6 address, the NS message sent from
> the active interface is not checked on backup slaves. Additionally,
> based on the bond_arp_rcv() rule b, we must reverse the saddr and daddr
> when checking the NS message.
> 
> Note that when checking the NS message, the destination address is a
> multicast address. Therefore, we must convert the target address to
> solicited multicast in the bond_get_targets_ip6() function.
> 
> Prior to the fix, the backup slaves had a mii status of "down", but
> after the fix, all of the slaves' mii status was updated to "UP".
> 
> Fixes: 4e24be018eb9 ("bonding: add new parameter ns_targets")
> Signed-off-by: Hangbin Liu <liuhangbin@...il.com>

Reviewed-by: Jonathan Toppins <jtoppins@...hat.com>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ