lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <6005840.1IzOArtZ34@sven-desktop>
Date: Sat, 31 May 2025 11:52:12 +0200
From: Sven Eckelmann <sven@...fation.org>
To: Marek Lindner <marek.lindner@...lbox.org>,
 Simon Wunderlich <sw@...onwunderlich.de>,
 Antonio Quartulli <antonio@...delbit.com>,
 Matthias Schiffer <mschiffer@...verse-factory.net>
Cc: "David S. Miller" <davem@...emloft.net>,
 Eric Dumazet <edumazet@...gle.com>, Jakub Kicinski <kuba@...nel.org>,
 Paolo Abeni <pabeni@...hat.com>, Simon Horman <horms@...nel.org>,
 b.a.t.m.a.n@...ts.open-mesh.org, netdev@...r.kernel.org,
 linux-kernel@...r.kernel.org,
 Matthias Schiffer <mschiffer@...verse-factory.net>
Subject:
 Re: [PATCH batadv 2/5] batman-adv: only create hardif while a netdev is part
 of a mesh

On Monday, 19 May 2025 22:46:29 CEST Matthias Schiffer wrote:
> -int batadv_hardif_enable_interface(struct batadv_hard_iface *hard_iface,
> +int batadv_hardif_enable_interface(struct net_device *net_dev,
>                                    struct net_device *mesh_iface)
>  {
[....]
> +       hard_iface->wifi_flags = batadv_wifi_flags_evaluate(net_dev);

Moving this here should break the WIFI TT flag in scenarios like this:

                   ┌──────┐             
       ┌───────────┼br-lan├──────┐      
       │           └──────┘      │      
       │                         │      
       │                         │      
     ┌─▼─┐                    ┌──▼─┐    
     │ap0│                    │bat0│    
     └───┘                    └──┬─┘    
                                 │      
                                 │      
                              ┌──▼──┐   
                              │mesh0│   
                              └─────┘   


ap0 is not the lower interface of any batadv mesh interface but TT ap 
isolation is depending on the information stored for this hardif. See:



/**
 * batadv_is_wifi_hardif() - check if the given hardif is a wifi interface
 * @hard_iface: the device to check
 *
 * Return: true if the net device is a 802.11 wireless device, false otherwise.
 */
bool batadv_is_wifi_hardif(struct batadv_hard_iface *hard_iface)
{
	if (!hard_iface)
		return false;

	return hard_iface->wifi_flags != 0;
}

bool batadv_tt_local_add(struct net_device *mesh_iface, const u8 *addr,
			 unsigned short vid, int ifindex, u32 mark)
{
[...]
	if (ifindex != BATADV_NULL_IFINDEX)
		in_dev = dev_get_by_index(net, ifindex);

	if (in_dev)
		in_hardif = batadv_hardif_get_by_netdev(in_dev);
[...]
	if (batadv_is_wifi_hardif(in_hardif))
		tt_local->common.flags |= BATADV_TT_CLIENT_WIFI;
[...]


static bool
_batadv_is_ap_isolated(struct batadv_tt_local_entry *tt_local_entry,
		       struct batadv_tt_global_entry *tt_global_entry)
{
	if (tt_local_entry->common.flags & BATADV_TT_CLIENT_WIFI &&
	    tt_global_entry->common.flags & BATADV_TT_CLIENT_WIFI)
		return true;

	/* check if the two clients are marked as isolated */
	if (tt_local_entry->common.flags & BATADV_TT_CLIENT_ISOLA &&
	    tt_global_entry->common.flags & BATADV_TT_CLIENT_ISOLA)
		return true;

	return false;
}


Kind regards,
	Sven
Download attachment "signature.asc" of type "application/pgp-signature" (229 bytes)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ