lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list] 
Date: Wed, 13 Mar 2024 11:20:16 +0100
From: Ignacy Gawedzki <ignacy.gawedzki@...en-communications.fr>
To: netdev@...r.kernel.org
Subject: Issues with notification of NUD_NOARP neighbor entries

Hi,

I've stumbled upon several issues with the way NUD_NOARP neighbor
entries are being notified on netlink (as reported by ip monitor neigh).

First, it looks like NUD_NOARP neighbor entries are not notified with
RTM_NEWNEIGH upon insertion in the table (either by the kernel or
explicitly using ip neigh add).

Second, if such entry is explicitly removed from the table (using
either ip neigh del or ip neigh flush), then the corresponding
RTM_NEWNEIGH is sent right before the RTM_DELNEIGH.

Third, when such entries are removed by the GC, only the RTM_DELNEIGH
is sent.

This is at least the case with 0.0.0.0 and any IPv4 multicast address
entry.  I haven't had the opportunity to test with IPv6 just yet.

By looking at netdev archives and recent commits, it looks like these
issues have not been addressed since kernel 6.5.

The neighbor management code is fairly complex and I would like to
know your opinion on this before digging more into it and attempting a
fix.

Thanks,

Ignacy

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ