lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <5438C46F-743C-4AE4-8A83-A0A223C0CE74@oracle.com>
Date: Sat, 6 May 2023 18:05:53 +0000
From: Chuck Lever III <chuck.lever@...cle.com>
To: Jason Gunthorpe <jgg@...pe.ca>
CC: Chuck Lever <cel@...nel.org>,
        "open list:NETWORKING [GENERAL]"
	<netdev@...r.kernel.org>,
        linux-rdma <linux-rdma@...r.kernel.org>,
        Bernard
 Metzler <BMT@...ich.ibm.com>, Tom Talpey <tom@...pey.com>,
        "parav@...dia.com"
	<parav@...dia.com>
Subject: Re: [PATCH RFC 3/3] RDMA/siw: Require non-zero 6-byte MACs for soft
 iWARP


> On May 5, 2023, at 4:03 PM, Chuck Lever III <chuck.lever@...cle.com> wrote:
> 
>> On May 5, 2023, at 3:58 PM, Jason Gunthorpe <jgg@...pe.ca> wrote:
>> 
>> On Fri, May 05, 2023 at 11:43:11AM -0400, Chuck Lever wrote:
>>> From: Chuck Lever <chuck.lever@...cle.com>
>>> 
>>> In the past, LOOPBACK and NONE (tunnel) devices had all-zero MAC
>>> addresses. siw_device_create() would fall back to copying the
>>> device's name in those cases, because an all-zero MAC address breaks
>>> the RDMA core IP-to-device lookup mechanism.
>> 
>> Why not just make up a dummy address in SIW? It shouldn't need to leak
>> out of it.. It is just some artifact of how the iWarp stuff has been
>> designed
> 
> I've been trying that.
> 
> Even though the siw0 device is now registered with a non-zero GID, 
> cma_acquire_dev_by_src_ip() still comes up with a zero GID which
> matches no device. Address resolution then fails.
> 
> I'm still looking into why.

The tun0 device's flags are:

   UP|POINTOPOINT|NOARP|MULTICAST

That flag combination turns addr_resolve_neigh() into a no-op, so
that the returned GIDs and addresses are uninitialized.

Cc'ing Parav because he's the last person who did significant work
on this code path. I can hack this to make it work, but I have no
idea what the proper solution would be.


--
Chuck Lever

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ