1 From 9bbd794030657fe0d38590cd67d4801b989cebf9 Mon Sep 17 00:00:00 2001
2 From: Antonio Quartulli <antonio@meshcoding.com>
3 Date: Mon, 1 Jun 2015 17:29:57 +0200
4 Subject: [PATCH 02/13] batman-adv: avoid DAT to mess up LAN state
5
6 When a node running DAT receives an ARP request from the LAN for the
7 first time, it is likely that this node will request the ARP entry
8 through the distributed ARP table (DAT) in the mesh.
9
10 Once a DAT reply is received the asking node must check if the MAC
11 address for which the IP address has been asked is local. If it is, the
12 node must drop the ARP reply because the client should have replied on
13 its own locally.
14
15 Forwarding this reply means fooling any L2 bridge (e.g. Ethernet
16 switches) lying between the batman-adv node and the LAN. This happens
17 because the L2 bridge will think that the client sending the ARP reply
18 lies somewhere in the mesh, while this node is sitting in the same LAN.
19
20 Reported-by: Simon Wunderlich <sw@simonwunderlich.de>
21 Signed-off-by: Antonio Quartulli <antonio@meshcoding.com>
22 Signed-off-by: Marek Lindner <mareklindner@neomailbox.ch>
23 ---
24 distributed-arp-table.c | 18 +++++++++++++-----
25 1 file changed, 13 insertions(+), 5 deletions(-)
26
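diff --git a/distributed-arp-table.c b/distributed-arp-table.c
index da1742d..0d791dc 100644
--- a/distributed-arp-table.c
+++ b/distributed-arp-table.c
@@ -1107,6 +1107,9 @@ void batadv_dat_snoop_outgoing_arp_reply(struct batadv_priv *bat_priv,
 * @bat_priv: the bat priv with all the soft interface information
 * @skb: packet to check
 * @hdr_size: size of the encapsulation header
+ *
+ * Returns true if the packet was snooped and consumed by DAT. False if the
+ * packet has to be delivered to the interface
 */
 bool batadv_dat_snoop_incoming_arp_reply(struct batadv_priv *bat_priv,
 struct sk_buff *skb, int hdr_size)
@@ -1114,7 +1117,7 @@ bool batadv_dat_snoop_incoming_arp_reply(struct batadv_priv *bat_priv,
 uint16_t type;
 __be32 ip_src, ip_dst;
 uint8_t *hw_src, *hw_dst;
- bool ret = false;
+ bool dropped = false;
 unsigned short vid;
 
 if (!atomic_read(&bat_priv->distributed_arp_table))
@@ -1143,12 +1146,17 @@ bool batadv_dat_snoop_incoming_arp_reply(struct batadv_priv *bat_priv,
 /* if this REPLY is directed to a client of mine, let's deliver the
 * packet to the interface
 */
- ret = !batadv_is_my_client(bat_priv, hw_dst, vid);
+ dropped = !batadv_is_my_client(bat_priv, hw_dst, vid);
+
+ /* if this REPLY is sent on behalf of a client of mine, let's drop the
+ * packet because the client will reply by itself
+ */
+ dropped |= batadv_is_my_client(bat_priv, hw_src, vid);
 out:
- if (ret)
+ if (dropped)
 kfree_skb(skb);
- /* if ret == false -> packet has to be delivered to the interface */
- return ret;
+ /* if dropped == false -> deliver to the interface */
+ return dropped;
 }
 
 /**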
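Review bot: The kernel-doc added in the first hunk says the packet is "consumed by DAT" on a true return, but the last hunk shows that true means the skb was released with `kfree_skb(skb)`, and after this change that also covers replies whose `hw_src` is a local client, not only ones DAT handled. Spelling out the ownership rule protects callers from touching a freed skb; I would word it as `Return: true if the skb was dropped and freed here (the caller must not use it afterwards), false if it has to be delivered to the interface`. In the same hunk `dropped |= batadv_is_my_client(bat_priv, hw_src, vid);` runs the second lookup even when the reply is already going to be dropped; `if (!dropped) dropped = batadv_is_my_client(bat_priv, hw_src, vid);` would skip it, assuming the lookup has no side effects the code depends on. The middle of the function lies outside the hunks shown, so where `hw_src` is read from the packet cannot be checked here.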
72 --
73 2.1.4
74