| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 17 Jul 2023 16:23:37 +0200 From: Riccardo Laiolo <laiolo@...ff.it> To: Andrew Lunn <andrew@...n.ch> Cc: netdev@...r.kernel.org Subject: Re: Question on IGMP snooping on switch managment port > I would be interested in knowing if: > > commit 7bcad0f0e6fbc1d613e49e0ee35c8e5f2e685bb0 > Author: Steffen Bätz <steffen@...osonix.de> > Date: Wed Mar 29 12:01:40 2023 -0300 > > net: dsa: mv88e6xxx: Enable IGMP snooping on user ports only > > Do not set the MV88E6XXX_PORT_CTL0_IGMP_MLD_SNOOP bit on CPU or DSA ports. > > This allows the host CPU port to be a regular IGMP listener by sending out > IGMP Membership Reports, which would otherwise not be forwarded by the > mv88exxx chip, but directly looped back to the CPU port itself. > > > helps. > > Andrew I've already applied the patch you quoted. Without it there are no IGMP packets at all originating from my board. With the patch applied I see just the first Membership Report when i open the rx socket. Then, when the querier send the Membership Query packet, there is no answer from my board, but i see its own MDB entry timeout gets refreshed... but I can see the Group Leave packet when I close the rx socket. I think when the MV88E6XXX_PORT_CTL0_IGMP_MLD_SNOOP bit is reset the switch is not parsing the payload looking for the IGMP header, which is fine. But when the system tries to answer to the querier its packet get trapped in his own port rule since the Membership Report destination address is the multicast group address. -- Riccardo Laiolo
Powered by blists - more mailing lists