[ofa-general] [PATCH] IB/IPoIB: Don't let a bad muticast address in the join list stop subsequent joins
Roland Dreier
rdreier at cisco.com
Wed Jul 15 09:01:05 PDT 2009
> I took your advice and sent a patch to bonding to fix the issue there to which I
> am waiting for comment) but I still think the patch for IPoIB is still needed.
> Without it, IPoIB is exposed to a DoS attack by a module (that looks like bonding but
> with malicious intentions) that sends IPoIB a garbage multicast address and stops it from
> joining any other group for ever, even if it is a legal group.
If the attack vector is a malicous module, I'm not too worried about
it -- after all, a malicious module could just overwrite the IPoIB
module code with whatever it wants and break things that way.
Is there any way userspace can inject a bogus multicast address?
- R.
More information about the general
mailing list