batman-adv/patches/0011-batman-adv-Fix-multicast-TT-issues-with-bogus-ROAM-f.patch

   1 From: Linus Lüssing <linus.luessing@c0d3.blue>
   2 Date: Thu, 7 Jun 2018 00:46:24 +0200
   3 Subject: [PATCH] batman-adv: Fix multicast TT issues with bogus ROAM flags
   4
   5 When a (broken) node wrongly sends multicast TT entries with a ROAM
   6 flag then this causes any receiving node to drop all entries for the
   7 same multicast MAC address announced by other nodes, leading to
   8 packet loss.
   9
  10 Fix this DoS vector by only storing TT sync flags. For multicast TT
  11 non-sync'ing flag bits like ROAM are unused so far anyway.
  12
  13 Fixes: 405cc1e5a81e ("batman-adv: Modified forwarding behaviour for multicast packets")
  14 Reported-by: Leonardo Mörlein <me@irrelefant.net>
  15 Signed-off-by: Linus Lüssing <linus.luessing@c0d3.blue>
  16 Signed-off-by: Sven Eckelmann <sven@narfation.org>
  17
  18 Origin: upstream, https://git.open-mesh.org/batman-adv.git/commit/c7054ffae0c3b08bb4bef3cffee1e0a543e14096
  19 ---
  20  net/batman-adv/translation-table.c | 6 ++++--
  21  1 file changed, 4 insertions(+), 2 deletions(-)
  22
  23 diff --git a/net/batman-adv/translation-table.c b/net/batman-adv/translation-table.c
  24 index 61ce300091f328fd78dafa5c4fd09f6cf924b025..12a2b7d21376721d15c6a31f3e794e4270d74b5c 100644
  25 --- a/net/batman-adv/translation-table.c
  26 +++ b/net/batman-adv/translation-table.c
  27 @@ -1705,7 +1705,8 @@ static bool batadv_tt_global_add(struct batadv_priv *bat_priv,
  28                 ether_addr_copy(common->addr, tt_addr);
  29                 common->vid = vid;
  30
  31 -               common->flags = flags & (~BATADV_TT_SYNC_MASK);
  32 +               if (!is_multicast_ether_addr(common->addr))
  33 +                       common->flags = flags & (~BATADV_TT_SYNC_MASK);
  34
  35                 tt_global_entry->roam_at = 0;
  36                 /* node must store current time in case of roaming. This is
  37 @@ -1769,7 +1770,8 @@ static bool batadv_tt_global_add(struct batadv_priv *bat_priv,
  38                  * TT_CLIENT_TEMP, therefore they have to be copied in the
  39                  * client entry
  40                  */
  41 -               common->flags |= flags & (~BATADV_TT_SYNC_MASK);
  42 +               if (!is_multicast_ether_addr(common->addr))
  43 +                       common->flags |= flags & (~BATADV_TT_SYNC_MASK);
  44
  45                 /* If there is the BATADV_TT_CLIENT_ROAM flag set, there is only
  46                  * one originator left in the list and we previously received a