lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20240402001137.2980589-4-Joseph.Huang@garmin.com>
Date: Mon, 1 Apr 2024 20:11:02 -0400
From: Joseph Huang <Joseph.Huang@...min.com>
To: <netdev@...r.kernel.org>
CC: Joseph Huang <Joseph.Huang@...min.com>, Andrew Lunn <andrew@...n.ch>,
        Florian Fainelli <f.fainelli@...il.com>,
        Vladimir Oltean <olteanv@...il.com>,
        "David S. Miller" <davem@...emloft.net>,
        Eric Dumazet <edumazet@...gle.com>, Jakub Kicinski <kuba@...nel.org>,
        Paolo Abeni <pabeni@...hat.com>, "Roopa
 Prabhu" <roopa@...dia.com>,
        Nikolay Aleksandrov <razor@...ckwall.org>,
        Linus Lüssing <linus.luessing@...3.blue>,
        <linux-kernel@...r.kernel.org>, <bridge@...ts.linux.dev>
Subject: [PATCH RFC net-next 03/10] net: bridge: Always flood local subnet mc packets

Always flood packets with local multicast destination address.

If multicast flooding is disabled on a bridge port, local subnet multicast
packets from the bridge will not be forwarded out of that port, even if
IGMP snooping is running and the hosts beyond the bridge port are sending
Reports to join these groups (e.g., 224.0.0.251). This is because the bridge
blocks the creation of an mdb entry if the group is a local subnet multicast
address, which will cause these packets to be flooded via br_flood(),
but blocked by the mcast_flood flag check.

Signed-off-by: Joseph Huang <Joseph.Huang@...min.com>
---
 net/bridge/br_multicast.c | 13 ++++++++-----
 1 file changed, 8 insertions(+), 5 deletions(-)

diff --git a/net/bridge/br_multicast.c b/net/bridge/br_multicast.c
index 8531f0e03f41..02a5209afab8 100644
--- a/net/bridge/br_multicast.c
+++ b/net/bridge/br_multicast.c
@@ -3823,11 +3823,14 @@ static int br_multicast_ipv4_rcv(struct net_bridge_mcast *brmctx,
 	if (err == -ENOMSG) {
 		if (!ipv4_is_local_multicast(ip_hdr(skb)->daddr)) {
 			BR_INPUT_SKB_CB(skb)->mrouters_only = 1;
-		} else if (pim_ipv4_all_pim_routers(ip_hdr(skb)->daddr)) {
-			if (ip_hdr(skb)->protocol == IPPROTO_PIM)
-				br_multicast_pim(brmctx, pmctx, skb);
-		} else if (ipv4_is_all_snoopers(ip_hdr(skb)->daddr)) {
-			br_ip4_multicast_mrd_rcv(brmctx, pmctx, skb);
+		} else {
+			BR_INPUT_SKB_CB(skb)->force_flood = 1;
+			if (pim_ipv4_all_pim_routers(ip_hdr(skb)->daddr)) {
+				if (ip_hdr(skb)->protocol == IPPROTO_PIM)
+					br_multicast_pim(brmctx, pmctx, skb);
+			} else if (ipv4_is_all_snoopers(ip_hdr(skb)->daddr)) {
+				br_ip4_multicast_mrd_rcv(brmctx, pmctx, skb);
+			}
 		}
 
 		return 0;
-- 
2.17.1


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ