From: Greg KH <gregkh@suse.de>
To: linux-kernel@vger.kernel.org, stable@kernel.org
Cc: stable-review@kernel.org, torvalds@linux-foundation.org,
akpm@linux-foundation.org, alan@lxorguk.ukuu.org.uk,
"Eric W. Biederman" <ebiederm@aristanetworks.com>,
"David S. Miller" <davem@davemloft.net>
Subject: [patch 18/24] Revert "ipv4: arp announce, arp_proxy and windows ip conflict verification"
Date: Fri, 17 Jul 2009 13:09:09 -0700 [thread overview]
Message-ID: <20090717201235.532748898@mini.kroah.org> (raw)
In-Reply-To: <20090717201639.GA14209@kroah.com>
[-- Attachment #1: revert-ipv4-arp-announce-arp_proxy-and-windows-ip-conflict-verification.patch --]
[-- Type: text/plain, Size: 1578 bytes --]
2.6.30-stable review patch. If anyone has any objections, please let us know.
------------------
From: Eric W. Biederman <ebiederm@xmission.com>
commit f8a68e752bc4e39644843403168137663c984524 upstream.
This reverts commit 73ce7b01b4496a5fbf9caf63033c874be692333f.
After discovering that we don't listen to gratuitious arps in 2.6.30
I tracked the failure down to this commit.
The patch makes absolutely no sense. RFC2131 RFC3927 and RFC5227.
are all in agreement that an arp request with sip == 0 should be used
for the probe (to prevent learning) and an arp request with sip == tip
should be used for the gratitous announcement that people can learn
from.
It appears the author of the broken patch got those two cases confused
and modified the code to drop all gratuitous arp traffic. Ouch!
Signed-off-by: Eric W. Biederman <ebiederm@aristanetworks.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
---
net/ipv4/arp.c | 7 ++-----
1 file changed, 2 insertions(+), 5 deletions(-)
--- a/net/ipv4/arp.c
+++ b/net/ipv4/arp.c
@@ -801,11 +801,8 @@ static int arp_process(struct sk_buff *s
* cache.
*/
- /*
- * Special case: IPv4 duplicate address detection packet (RFC2131)
- * and Gratuitous ARP/ARP Announce. (RFC3927, Section 2.4)
- */
- if (sip == 0 || tip == sip) {
+ /* Special case: IPv4 duplicate address detection packet (RFC2131) */
+ if (sip == 0) {
if (arp->ar_op == htons(ARPOP_REQUEST) &&
inet_addr_type(net, tip) == RTN_LOCAL &&
!arp_ignore(in_dev, sip, tip))
next prev parent reply other threads:[~2009-07-17 20:21 UTC|newest]
Thread overview: 26+ messages / expand[flat|nested] mbox.gz Atom feed top
[not found] <20090717200851.907421303@mini.kroah.org>
2009-07-17 20:16 ` [patch 00/24] 2.6.30.2-stable review Greg KH
2009-07-17 20:08 ` [patch 01/24] Add -fno-delete-null-pointer-checks to gcc CFLAGS Greg KH
2009-07-17 20:08 ` [patch 02/24] security: use mmap_min_addr indepedently of security models Greg KH
2009-07-17 20:08 ` [patch 03/24] tun/tap: Fix crashes if open() /dev/net/tun and then poll() it. (CVE-2009-1897) Greg KH
2009-07-17 20:08 ` [patch 04/24] personality: fix PER_CLEAR_ON_SETID (CVE-2009-1895) Greg KH
2009-07-17 20:08 ` [patch 05/24] Blackfin: fix accidental reset in some boot modes Greg KH
2009-07-17 20:08 ` [patch 06/24] Blackfin: redo handling of bad irqs Greg KH
2009-07-17 20:08 ` [patch 07/24] Blackfin: fix deadlock in SMP IPI handler Greg KH
2009-07-17 20:08 ` [patch 08/24] Blackfin: fix command line corruption with DEBUG_DOUBLEFAULT Greg KH
2009-07-17 20:09 ` [patch 09/24] futex: Fix the write access fault problem for real Greg KH
2009-07-17 20:09 ` [patch 10/24] futexes: Fix infinite loop in get_futex_key() on huge page Greg KH
2009-07-17 20:09 ` [patch 11/24] kernel/resource.c: fix sign extension in reserve_setup() Greg KH
2009-07-17 20:09 ` [patch 12/24] alpha: fix percpu build breakage Greg KH
2009-07-17 20:09 ` [patch 13/24] dma-debug: fix off-by-one error in overlap function Greg KH
2009-07-17 20:09 ` [patch 14/24] blocK: Restore barrier support for md and probably other virtual devices Greg KH
2009-07-17 20:09 ` [patch 15/24] md/raid5: suspend shouldnt affect read requests Greg KH
2009-07-17 20:09 ` [patch 16/24] md: fix error path when duplicate name is found on md device creation Greg KH
2009-07-17 20:09 ` [patch 17/24] md: avoid dereferencing NULL pointer when accessing suspend_* sysfs attributes Greg KH
2009-07-17 20:09 ` Greg KH [this message]
2009-07-17 20:09 ` [patch 19/24] floppy: fix lock imbalance Greg KH
2009-07-17 20:09 ` [patch 20/24] Fix pci_unmap_addr() et al on i386 Greg KH
2009-07-17 20:09 ` [patch 21/24] Fix iommu address space allocation Greg KH
2009-07-17 20:09 ` [patch 22/24] fuse: fix bad return value in fuse_file_poll() Greg KH
2009-07-17 20:09 ` [patch 23/24] fuse: fix return value of fuse_dev_write() Greg KH
2009-07-17 20:09 ` [patch 24/24] Dont use -fwrapv compiler option: its buggy in gcc-4.1.x Greg KH
2009-07-17 20:36 ` [patch 00/24] 2.6.30.2-stable review Greg KH
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20090717201235.532748898@mini.kroah.org \
--to=gregkh@suse.de \
--cc=akpm@linux-foundation.org \
--cc=alan@lxorguk.ukuu.org.uk \
--cc=davem@davemloft.net \
--cc=ebiederm@aristanetworks.com \
--cc=linux-kernel@vger.kernel.org \
--cc=stable-review@kernel.org \
--cc=stable@kernel.org \
--cc=torvalds@linux-foundation.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).