Commit f3ec75f6 authored by Allan Stephens's avatar Allan Stephens Committed by David S. Miller

[TIPC]: Improved support for Ethernet traffic filtering

This patch simplifies TIPC's Ethernet receive routine to take
advantage of information already present in each incoming sk_buff
indicating whether the packet was explicitly sent to the interface,
has been broadcast to all interfaces, or was picked up because the
interface is in promiscous mode.

This new approach also fixes the problem of TIPC accepting unwanted
traffic through UML's multicast-based Ethernet interfaces (which
deliver traffic in a promiscuous manner even if the interface is
not configured to be promiscuous).
Signed-off-by: default avatarAllan Stephens <allan.stephens@windriver.com>
Signed-off-by: default avatarJon Paul Maloy <jon.maloy@ericsson.com>
Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
parent e06e7c61
/* /*
* net/tipc/eth_media.c: Ethernet bearer support for TIPC * net/tipc/eth_media.c: Ethernet bearer support for TIPC
* *
* Copyright (c) 2001-2006, Ericsson AB * Copyright (c) 2001-2007, Ericsson AB
* Copyright (c) 2005-2006, Wind River Systems * Copyright (c) 2005-2007, Wind River Systems
* All rights reserved. * All rights reserved.
* *
* Redistribution and use in source and binary forms, with or without * Redistribution and use in source and binary forms, with or without
...@@ -87,6 +87,9 @@ static int send_msg(struct sk_buff *buf, struct tipc_bearer *tb_ptr, ...@@ -87,6 +87,9 @@ static int send_msg(struct sk_buff *buf, struct tipc_bearer *tb_ptr,
/** /**
* recv_msg - handle incoming TIPC message from an Ethernet interface * recv_msg - handle incoming TIPC message from an Ethernet interface
* *
* Accept only packets explicitly sent to this node, or broadcast packets;
* ignores packets sent using Ethernet multicast, and traffic sent to other
* nodes (which can happen if interface is running in promiscuous mode).
* Routine truncates any Ethernet padding/CRC appended to the message, * Routine truncates any Ethernet padding/CRC appended to the message,
* and ensures message size matches actual length * and ensures message size matches actual length
*/ */
...@@ -98,9 +101,7 @@ static int recv_msg(struct sk_buff *buf, struct net_device *dev, ...@@ -98,9 +101,7 @@ static int recv_msg(struct sk_buff *buf, struct net_device *dev,
u32 size; u32 size;
if (likely(eb_ptr->bearer)) { if (likely(eb_ptr->bearer)) {
if (likely(!dev->promiscuity) || if (likely(buf->pkt_type <= PACKET_BROADCAST)) {
!memcmp(skb_mac_header(buf), dev->dev_addr, ETH_ALEN) ||
!memcmp(skb_mac_header(buf), dev->broadcast, ETH_ALEN)) {
size = msg_size((struct tipc_msg *)buf->data); size = msg_size((struct tipc_msg *)buf->data);
skb_trim(buf, size); skb_trim(buf, size);
if (likely(buf->len == size)) { if (likely(buf->len == size)) {
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment