lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list] 
Message-ID: <20231118091141.1e650296@hermes.local>
Date: Sat, 18 Nov 2023 09:11:41 -0800
From: Stephen Hemminger <stephen@...workplumber.org>
To: netdev@...r.kernel.org
Subject: Fw: [Bug 218157] New: Linux bridge corruption ethernet heaser if
 transfer vlan packet if configure tc-vlan rule



Begin forwarded message:

Date: Sat, 18 Nov 2023 16:38:49 +0000
From: bugzilla-daemon@...nel.org
To: stephen@...workplumber.org
Subject: [Bug 218157] New: Linux bridge corruption ethernet heaser if transfer vlan packet if configure tc-vlan rule


https://bugzilla.kernel.org/show_bug.cgi?id=218157

            Bug ID: 218157
           Summary: Linux bridge corruption ethernet heaser if transfer
                    vlan packet if configure tc-vlan rule
           Product: Networking
           Version: 2.5
          Hardware: All
                OS: Linux
            Status: NEW
          Severity: normal
          Priority: P3
         Component: Other
          Assignee: stephen@...workplumber.org
          Reporter: ne-vlezay80@...dex.ru
        Regression: No

TC ingress configuration from network interface:

root@...lpc:/home/ne-vlezay80#[127] tc filter show dev vm-test10.0 parent ffff:
filter protocol all pref 49152 matchall chain 0 
filter protocol all pref 49152 matchall chain 0 handle 0x1 
  not_in_hw
        action order 1: vlan  push id 10 protocol 802.1Q priority 0 pipe
         index 1 ref 1 bind 1

        action order 2: mirred (Egress Redirect to device vm-test10.0-ifb)
stolen
        index 5 ref 1 bind 1
tcpdump from vm interfaces:
root@...lpc:/home/ne-vlezay80#[0] tcpdump -i vm-test10.0 -ne not port 22
tcpdump: verbose output suppressed, use -v[v]... for full protocol decode
listening on vm-test10.0, link-type EN10MB (Ethernet), snapshot length 262144
bytes
19:34:42.581388 52:54:00:01:55:01 > 33:33:00:00:00:01, ethertype 802.1Q
(0x8100), length 122: vlan 110, p 0, ethertype IPv6 (0x86dd),
fe80::5054:ff:fe01:5501 > ff02::1: ICMP6, echo request, id 3572, seq 0, length
64
19:34:42.713886 08:00:27:66:44:02 > 01:00:5e:00:00:05, ethertype IPv4 (0x0800),
length 82: 192.168.10.1 > 224.0.0.5: OSPFv2, Hello, length 48
19:34:43.581572 52:54:00:01:55:01 > 33:33:00:00:00:01, ethertype 802.1Q
(0x8100), length 122: vlan 110, p 0, ethertype IPv6 (0x86dd),
fe80::5054:ff:fe01:5501 > ff02::1: ICMP6, echo request, id 3572, seq 1, length
64
19:34:44.581718 52:54:00:01:55:01 > 33:33:00:00:00:01, ethertype 802.1Q
(0x8100), length 122: vlan 110, p 0, ethertype IPv6 (0x86dd),
fe80::5054:ff:fe01:5501 > ff02::1: ICMP6, echo request, id 3572, seq 2, length
64
19:34:45.581964 52:54:00:01:55:01 > 33:33:00:00:00:01, ethertype 802.1Q
(0x8100), length 122: vlan 110, p 0, ethertype IPv6 (0x86dd),
fe80::5054:ff:fe01:5501 > ff02::1: ICMP6, echo request, id 3572, seq 3, length
64
19:34:46.129360 08:00:27:66:44:02 > 33:33:00:00:00:05, ethertype IPv6 (0x86dd),
length 94: fe80::a00:27ff:fe66:4402 > ff02::5: OSPFv3, Hello, length 40
19:34:47.314145 52:54:00:01:55:01 > 08:00:27:66:44:02, ethertype IPv4 (0x0800),
length 85: 172.18.3.1.33850 > 172.18.3.0.179: Flags [P.], seq
3664159432:3664159451, ack 4138575432, win 504, options [nop,nop,TS val
288779010 ecr 3989811588], length 19: BGP
19:34:47.314555 08:00:27:66:44:02 > 52:54:00:01:55:01, ethertype IPv4 (0x0800),
length 85: 172.18.3.0.179 > 172.18.3.1.33850: Flags [P.], seq 1:20, ack 19, win
502, options [nop,nop,TS val 3989871588 ecr 288779010], length 19: BGP
19:34:47.314703 52:54:00:01:55:01 > 08:00:27:66:44:02, ethertype IPv4 (0x0800),
length 66: 172.18.3.1.33850 > 172.18.3.0.179: Flags [.], ack 20, win 504,
options [nop,nop,TS val 288779011 ecr 3989871588], length 0
19:34:47.482985 52:54:00:01:55:01 > 01:00:5e:00:00:05, ethertype IPv4 (0x0800),
length 82: 192.168.10.2 > 224.0.0.5: OSPFv2, Hello, length 48
^C
10 packets captured
10 packets received by filter
0 packets dropped by kernel
root@...lpc:/home/ne-vlezay80#[0] 
tcpdump width switch:
root@...lpc:/home/ne-vlezay80#[1] tcpdump -i vm-test1 -ne not port 22
tcpdump: verbose output suppressed, use -v[v]... for full protocol decode
listening on vm-test1, link-type EN10MB (Ethernet), snapshot length 262144
bytes
19:35:57.483216 52:54:00:01:55:01 > 01:00:5e:00:00:05, ethertype 802.1Q
(0x8100), length 86: vlan 10, p 0, ethertype IPv4 (0x0800), 192.168.10.2 >
224.0.0.5: OSPFv2, Hello, length 48
19:36:00.138697 55:01:81:00:00:6e > 00:01:52:54:00:01, ethertype 802.1Q
(0x8100), length 122: vlan 10, p 0, ethertype IPv6 (0x86dd),
fe80::5054:ff:fe01:5501 > ff02::1: ICMP6, echo request, id 3573, seq 0, length
64
19:36:00.351335 52:54:00:01:55:01 > 33:33:00:00:00:05, ethertype 802.1Q
(0x8100), length 98: vlan 10, p 0, ethertype IPv6 (0x86dd),
fe80::5054:ff:fe01:5501 > ff02::5: OSPFv3, Hello, length 40
19:36:01.138953 55:01:81:00:00:6e > 00:01:52:54:00:01, ethertype 802.1Q
(0x8100), length 122: vlan 10, p 0, ethertype IPv6 (0x86dd),
fe80::5054:ff:fe01:5501 > ff02::1: ICMP6, echo request, id 3573, seq 1, length
64
19:36:02.722027 08:00:27:66:44:02 > 01:00:5e:00:00:05, ethertype 802.1Q
(0x8100), length 86: vlan 10, p 0, ethertype IPv4 (0x0800), 192.168.10.1 >
224.0.0.5: OSPFv2, Hello, length 48
^C
5 packets captured
5 packets received by filter
0 packets dropped by kernel
root@...lpc:/home/ne-vlezay80#[0] 

VLAN map:
110 - test vlan
10 - vm vlan

-- 
You may reply to this email to add a comment.

You are receiving this mail because:
You are the assignee for the bug.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ