Date: Mon, 25 Jul 2016 14:09:53 -0400 From: Ryan Stone <rysto32@gmail.com> To: Adrian Chadd <adrian.chadd@gmail.com> Cc: Andrew Gallatin <gallatin@netflix.com>, "<freebsd-transport@freebsd.org>" <freebsd-transport@freebsd.org> Subject: Re: in_broadcast() called for almost every packet in ip_output() Message-ID: <CAFMmRNziEgGcpzoOo%2BbPXvPgeTptqPUnW7tRZYSD%2BQUw-5duUw@mail.gmail.com> In-Reply-To: <CAFMmRNzJNxqKavW9TgawnU-EVPpHn146d8ZDUkN-88Mn2hx94Q@mail.gmail.com> References: <CAFMmRNx%2Bx9GNDgDHO5oyoj-S%2BCK9bRvJhpNNFf3%2BPk0p2SQeSQ@mail.gmail.com> <CADLQ3sLyytm0HMsSChhWD108t6iPpquXH2E2R7Wc42FpaAP1Rw@mail.gmail.com> <CAFMmRNyi1-K%2BKX6bY2bx7_hiq2PDPJa-QJatBf0QdtriGnJ5fw@mail.gmail.com> <559f1d0e-9d35-f458-bff5-b69a03297cf0@netflix.com> <CAFMmRNxjpZMVbRLv-xqYNTXjCUh6=oDPfqK_cM47i64bRs51eA@mail.gmail.com> <CAFMmRNyeUiru=t3i5ymhQiCnNivV9-=PYK6F0ak0swZo2M969A@mail.gmail.com> <CAJ-Vmo=xU9dmsf0=Sx5wWTqmgpx_eLiSG-_aj=VAdEdW-VOV%2BA@mail.gmail.com> <CAFMmRNzJNxqKavW9TgawnU-EVPpHn146d8ZDUkN-88Mn2hx94Q@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Wed, Jul 20, 2016 at 7:57 PM, Ryan Stone <rysto32@gmail.com> wrote: > Would it be correct to check for M_BCAST on the packet before checking for > for a broadcast IP address? I don't believe that there would be any > security concerns with that approach. If somebody injected a UDP packet > with a broadcast IP address but a unicast MAC address, we would try to look > up a pcb that matched, fail to find anything, and then drop the packet. > Ok, I've put this up for review, along with a fix for the 802.11 stack to have it set M_BCAST properly: https://reviews.freebsd.org/D7309 Are there any other L2 protocols that we support other than Ethernet and 802.11 that I should audit to ensure it sets M_BCAST properly.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CAFMmRNziEgGcpzoOo%2BbPXvPgeTptqPUnW7tRZYSD%2BQUw-5duUw>