1 From: Linus Lüssing <linus.luessing@c0d3.blue>
2 Date: Thu, 7 Jun 2018 00:46:24 +0200
3 Subject: batman-adv: Fix multicast TT issues with bogus ROAM flags
5 When a (broken) node wrongly sends multicast TT entries with a ROAM
6 flag then this causes any receiving node to drop all entries for the
7 same multicast MAC address announced by other nodes, leading to
10 Fix this DoS vector by only storing TT sync flags. For multicast TT
11 non-sync'ing flag bits like ROAM are unused so far anyway.
13 Fixes: 405cc1e5a81e ("batman-adv: Modified forwarding behaviour for multicast packets")
14 Reported-by: Leonardo Mörlein <me@irrelefant.net>
15 Signed-off-by: Linus Lüssing <linus.luessing@c0d3.blue>
16 Signed-off-by: Sven Eckelmann <sven@narfation.org>
18 Origin: upstream, https://git.open-mesh.org/batman-adv.git/commit/c7054ffae0c3b08bb4bef3cffee1e0a543e14096
20 diff --git a/net/batman-adv/translation-table.c b/net/batman-adv/translation-table.c
21 index a8b4d9bcb318656022a30f742ede4f38a646d0d1..143a00f90d1d925aad7113f897d06f435f28dcd8 100644
22 --- a/net/batman-adv/translation-table.c
23 +++ b/net/batman-adv/translation-table.c
24 @@ -1695,7 +1695,8 @@ static bool batadv_tt_global_add(struct batadv_priv *bat_priv,
25 ether_addr_copy(common->addr, tt_addr);
28 - common->flags = flags & (~BATADV_TT_SYNC_MASK);
29 + if (!is_multicast_ether_addr(common->addr))
30 + common->flags = flags & (~BATADV_TT_SYNC_MASK);
32 tt_global_entry->roam_at = 0;
33 /* node must store current time in case of roaming. This is
34 @@ -1759,7 +1760,8 @@ static bool batadv_tt_global_add(struct batadv_priv *bat_priv,
35 * TT_CLIENT_TEMP, therefore they have to be copied in the
38 - common->flags |= flags & (~BATADV_TT_SYNC_MASK);
39 + if (!is_multicast_ether_addr(common->addr))
40 + common->flags |= flags & (~BATADV_TT_SYNC_MASK);
42 /* If there is the BATADV_TT_CLIENT_ROAM flag set, there is only
43 * one originator left in the list and we previously received a
projects / feed / routing.git / blob