From mboxrd@z Thu Jan 1 00:00:00 1970
From: Stephen Hemminger
Subject: Re: [Bridge] [PATCH net] net: bridge: remove ipv6 zero address check in mcast queries
Date: Sun, 28 Oct 2018 08:20:23 -0700
Message-ID: <20181028082023.222fac71@xeon-e3>
References: <90c5f2fe-1743-6b17-2e44-eba58cdbbb35@cumulusnetworks.com> <20181027090747.22104-1-nikolay@cumulusnetworks.com>
In-Reply-To: <20181027090747.22104-1-nikolay@cumulusnetworks.com>
To: Nikolay Aleksandrov
Cc: netdev@vger.kernel.org, roopa@cumulusnetworks.com, bridge@lists.linux-foundation.org, yinxu@redhat.com, liuhangbin@gmail.com, davem@davemloft.net

On Sat, 27 Oct 2018 12:07:47 +0300
Nikolay Aleksandrov wrote:

> Recently a check was added which prevents marking of routers with zero
> source address, but for IPv6 that cannot happen as the relevant RFCs
> actually forbid such packets:
> RFC 2710 (MLDv1):
> "To be valid, the Query message MUST
> come from a link-local IPv6 Source Address, be at least 24 octets
> long, and have a correct MLD checksum."
>
> Same goes for RFC 3810.
>
> And also it can be seen as a requirement in ipv6_mc_check_mld_query()
> which is used by the bridge to validate the message before processing
> it. Thus any queries with :: source address won't be processed anyway.
> So just remove the check for zero IPv6 source address from the query
> processing function.
>
> Fixes: 5a2de63fd1a5 ("bridge: do not add port to router list when receives query with source 0.0.0.0")
> Signed-off-by: Nikolay Aleksandrov

What about a broken/malicious sender?
Could an all zero source be used to poison the multicast table?
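
The three RFC 2710 conditions quoted in this message (link-local source, at least 24 octets, correct checksum), written out as an added example that is not part of the original mail and is not the kernel's ipv6_mc_check_mld_query(). The names `mld_query_valid`, `icmp6_csum` and `check_sample` are hypothetical, and the sample query is constructed; it shows that a query from `::` is rejected on the source check even when its checksum is correct for that source.

```c
#include <stddef.h>
#include <stdint.h>

#define MLD_QUERY   130  /* ICMPv6 type: Multicast Listener Query */
#define MLD_MIN_LEN 24   /* RFC 2710: at least 24 octets */

/* ICMPv6 checksum over the IPv6 pseudo-header and message (len < 65536). */
static uint16_t icmp6_csum(const uint8_t *src, const uint8_t *dst,
                           const uint8_t *msg, size_t len)
{
    uint32_t sum = (uint32_t)len + 58;  /* upper-layer length + next header */
    size_t i;

    for (i = 0; i < 16; i += 2)
        sum += (uint32_t)((src[i] << 8) | src[i + 1]) +
               (uint32_t)((dst[i] << 8) | dst[i + 1]);
    for (i = 0; i + 1 < len; i += 2)
        sum += (uint32_t)((msg[i] << 8) | msg[i + 1]);
    if (len & 1)
        sum += (uint32_t)(msg[len - 1] << 8);
    while (sum >> 16)
        sum = (sum & 0xffff) + (sum >> 16);
    return (uint16_t)~sum;
}

/* Returns 1 only if all three RFC 2710 conditions hold, else 0. */
int mld_query_valid(const uint8_t *src, const uint8_t *dst,
                    const uint8_t *msg, size_t len)
{
    if (len < MLD_MIN_LEN || msg[0] != MLD_QUERY)
        return 0;
    if (src[0] != 0xfe || (src[1] & 0xc0) != 0x80)
        return 0;  /* source not in fe80::/10; this also rejects :: */
    return icmp6_csum(src, dst, msg, len) == 0;  /* 0 when checksum is correct */
}

/* Constructed sample: general query from src to ff02::1, checksum valid for src. */
int check_sample(const uint8_t *src)
{
    static const uint8_t all_nodes[16] = { 0xff, 0x02, [15] = 0x01 };
    uint8_t q[MLD_MIN_LEN] = { MLD_QUERY };
    uint16_t c = icmp6_csum(src, all_nodes, q, sizeof(q));

    q[2] = (uint8_t)(c >> 8);
    q[3] = (uint8_t)(c & 0xff);
    return mld_query_valid(src, all_nodes, q, sizeof(q));
}
```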