[PATCH net-next] arp: Ignore packets with an all zero sender mac address

netdev.vger.kernel.org archive mirror
 help / color / mirror / Atom feed

* [PATCH net-next] arp: Ignore packets with an all zero sender mac address
@ 2017-10-26  8:37 Eelco Chaudron
  2017-10-27 13:48 ` David Miller
  0 siblings, 1 reply; 4+ messages in thread
From: Eelco Chaudron @ 2017-10-26  8:37 UTC (permalink / raw)
  To: netdev; +Cc: davem

Some applications/devices seem to forget their MAC address when
performing some kind of a failover which triggers (something that
looks like) a gratuities arp.

The ARP packet looks something like this:

  Address Resolution Protocol (reply)
      Hardware type: Ethernet (1)
      Protocol type: IPv4 (0x0800)
      Hardware size: 6
      Protocol size: 4
      Opcode: reply (2)
      Sender MAC address: 00:00:00:00:00:00
      Sender IP address: 10.0.0.1
      Target MAC address: 00:00:00:00:00:00
      Target IP address: 255.255.255.255

This will result in existing arp entries being overwritten with an all
zero mac address. Until the arp entry times out this host can no
longer initiate a connection to this device.

Checking for and ignoring invalid mac addresses will solve this
problem.

Signed-off-by: Eelco Chaudron <echaudro@redhat.com>
---
 net/ipv4/arp.c | 10 ++++++++++
 1 file changed, 10 insertions(+)

diff --git a/net/ipv4/arp.c b/net/ipv4/arp.c
index a8d7c5a9fb05..e60c88b203e9 100644
--- a/net/ipv4/arp.c
+++ b/net/ipv4/arp.c
@@ -750,6 +750,16 @@ static int arp_process(struct net *net, struct sock *sk, struct sk_buff *skb)
 	case ARPHRD_IEEE1394:
 		break;
 #endif
+	case ARPHRD_ETHER:
+	case ARPHRD_FDDI:
+	case ARPHRD_IEEE802:
+		/*
+		 * Check for bad sender hardware addresses. An all zero MAC
+		 * address is not valid for Ethernet, FDDI or IEEE802.
+		 */
+		if (is_zero_ether_addr(sha))
+			goto out_free_skb;
+		break;
 	default:
 		tha = arp_ptr;
 		arp_ptr += dev->addr_len;
-- 
2.13.6

^ permalink raw reply related	[flat|nested] 4+ messages in thread

* Re: [PATCH net-next] arp: Ignore packets with an all zero sender mac address
  2017-10-26  8:37 [PATCH net-next] arp: Ignore packets with an all zero sender mac address Eelco Chaudron
@ 2017-10-27 13:48 ` David Miller
  2017-11-03 10:39   ` Eelco Chaudron
  0 siblings, 1 reply; 4+ messages in thread
From: David Miller @ 2017-10-27 13:48 UTC (permalink / raw)
  To: echaudro; +Cc: netdev

From: Eelco Chaudron <echaudro@redhat.com>
Date: Thu, 26 Oct 2017 10:37:01 +0200

> Some applications/devices seem to forget their MAC address when
> performing some kind of a failover which triggers (something that
> looks like) a gratuities arp.
> 
> The ARP packet looks something like this:
> 
>   Address Resolution Protocol (reply)
>       Hardware type: Ethernet (1)
>       Protocol type: IPv4 (0x0800)
>       Hardware size: 6
>       Protocol size: 4
>       Opcode: reply (2)
>       Sender MAC address: 00:00:00:00:00:00
>       Sender IP address: 10.0.0.1
>       Target MAC address: 00:00:00:00:00:00
>       Target IP address: 255.255.255.255
> 
> This will result in existing arp entries being overwritten with an all
> zero mac address. Until the arp entry times out this host can no
> longer initiate a connection to this device.
> 
> Checking for and ignoring invalid mac addresses will solve this
> problem.
> 
> Signed-off-by: Eelco Chaudron <echaudro@redhat.com>

I really have trouble justifying this fully.

I looked at a bunch of ARP implementations, and I see no special
checks about the link level address other than to make sure it isn't
"our" address.

Whatever is generating these weird ARP packets should be fixed
instead.

Thank you.

^ permalink raw reply	[flat|nested] 4+ messages in thread

* Re: [PATCH net-next] arp: Ignore packets with an all zero sender mac address
  2017-10-27 13:48 ` David Miller
@ 2017-11-03 10:39   ` Eelco Chaudron
  2017-11-03 12:19     ` David Miller
  0 siblings, 1 reply; 4+ messages in thread
From: Eelco Chaudron @ 2017-11-03 10:39 UTC (permalink / raw)
  To: David Miller; +Cc: netdev

On 27/10/17 15:48, David Miller wrote:
> From: Eelco Chaudron <echaudro@redhat.com>
> Date: Thu, 26 Oct 2017 10:37:01 +0200
>
>> Some applications/devices seem to forget their MAC address when
>> performing some kind of a failover which triggers (something that
>> looks like) a gratuities arp.
>>
>> The ARP packet looks something like this:
>>
>>    Address Resolution Protocol (reply)
>>        Hardware type: Ethernet (1)
>>        Protocol type: IPv4 (0x0800)
>>        Hardware size: 6
>>        Protocol size: 4
>>        Opcode: reply (2)
>>        Sender MAC address: 00:00:00:00:00:00
>>        Sender IP address: 10.0.0.1
>>        Target MAC address: 00:00:00:00:00:00
>>        Target IP address: 255.255.255.255
>>
>> This will result in existing arp entries being overwritten with an all
>> zero mac address. Until the arp entry times out this host can no
>> longer initiate a connection to this device.
>>
>> Checking for and ignoring invalid mac addresses will solve this
>> problem.
>>
>> Signed-off-by: Eelco Chaudron <echaudro@redhat.com>
> I really have trouble justifying this fully.
>
> I looked at a bunch of ARP implementations, and I see no special
> checks about the link level address other than to make sure it isn't
> "our" address.
>
> Whatever is generating these weird ARP packets should be fixed
> instead.
Looking for any mentioning of an all-zero MAC address being invalid, the 
only reference I could find was in the original first Xerox Wire 
Specification. The IEEE specifications do not mention this at all, and 
according to it, the all-zero address is a valid MA-L address assigned 
to Xerox.

Looking at the packet more, it might be an attempt to do an unARP (RFC 
1868) but forgot to implement to set the Hardware Address Length to zero.

I'm sure adding an arptables entry can be used to solve this instead, in 
case the offending device cannot be fixed.

Please ignore this patch...

Cheers,

Eelco

^ permalink raw reply	[flat|nested] 4+ messages in thread

* Re: [PATCH net-next] arp: Ignore packets with an all zero sender mac address
  2017-11-03 10:39   ` Eelco Chaudron
@ 2017-11-03 12:19     ` David Miller
  0 siblings, 0 replies; 4+ messages in thread
From: David Miller @ 2017-11-03 12:19 UTC (permalink / raw)
  To: echaudro; +Cc: netdev

From: Eelco Chaudron <echaudro@redhat.com>
Date: Fri, 3 Nov 2017 11:39:04 +0100

> Looking for any mentioning of an all-zero MAC address being invalid,
> the only reference I could find was in the original first Xerox Wire
> Specification. The IEEE specifications do not mention this at all, and
> according to it, the all-zero address is a valid MA-L address assigned
> to Xerox.
> 
> Looking at the packet more, it might be an attempt to do an unARP (RFC
> 1868) but forgot to implement to set the Hardware Address Length to
> zero.
> 
> I'm sure adding an arptables entry can be used to solve this instead,
> in case the offending device cannot be fixed.
> 
> Please ignore this patch...

Ok, thanks for looking more deeply into this.

^ permalink raw reply	[flat|nested] 4+ messages in thread

end of thread, other threads:[~2017-11-03 12:19 UTC | newest]

Thread overview: 4+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2017-10-26  8:37 [PATCH net-next] arp: Ignore packets with an all zero sender mac address Eelco Chaudron
2017-10-27 13:48 ` David Miller
2017-11-03 10:39   ` Eelco Chaudron
2017-11-03 12:19     ` David Miller

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).