On Wed, Jul 15, 2009 at 09:01:05AM -0700, Roland Dreier wrote: > > > I took your advice and sent a patch to bonding to fix the issue there to > which I > > am waiting for comment) but I still think the patch for IPoIB is still > needed. > > Without it, IPoIB is exposed to a DoS attack by a module (that looks like > bonding but > > with malicious intentions) that sends IPoIB a garbage multicast address > and stops it from > > joining any other group for ever, even if it is a legal group. > > If the attack vector is a malicous module, I'm not too worried about > it -- after all, a malicious module could just overwrite the IPoIB > module code with whatever it wants and break things that way. > > Is there any way userspace can inject a bogus multicast address?
Can you do it with netlink? ip maddr add address ... dev ib0 Jason _______________________________________________ general mailing list [email protected] http://lists.openfabrics.org/cgi-bin/mailman/listinfo/general To unsubscribe, please visit http://openib.org/mailman/listinfo/openib-general
