lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Thu, 17 Apr 2008 08:49:27 +0300 From: "Ian Brown" <ianbrn@...il.com> To: "Brian Haley" <brian.haley@...com> Cc: "YOSHIFUJI Hideaki / 吉藤英明" <yoshfuji@...ux-ipv6.org>, netdev@...r.kernel.org Subject: Re: Why MLDv2 Report packet is freed ? Hello, First, I have multicast routing enabled: /proc/sys/net/ipv6/conf/*/mc_forwarding is 1 and CONFIG_IPV6_MROUTE=y when building the kernel. Second, when MLDV2 report reaches ip6_mc_input(), the ICMPv6 header has a type of ICMPV6_MLD2_REPORT; and it is a router alert. This causes a call to ip6_input() and **not** ip6_mr_input(). This casue it to be handled by the ICMPv6 handler, which is icmpv6_rcv(). I am absolutely sure about it, as I added some printk() in these kernel methods. I see that I reach the icmpv6_rcv() and the packet is dropped. The sock_queue_rcv_skb() method in p6mr_cache_report() is NOT called in this case - simply because we don't get there, since ip6_mc_input() in this case does **not** call ip6_mr_input() ; it does call ip6_mr_input() in other cases. Moreover, I added printing in the accept_mld6() method of the pim6sd daemon, which is the handler for these packets, and I do not get there. Could it be that this is a bug ? Any ideas ? IB On Wed, Apr 16, 2008 at 9:02 PM, Brian Haley <brian.haley@...com> wrote: > Ian Brown wrote: > > Hello, > > > > I am sorry, I tried to delve into the code and I not sure I can figure out this > > point. > >> MLD packets are handled in other place. > > > > Can anybody please try to elaborate on this point: how > > are MLD packets handled ? Shouldn't MLD packets be > > handled by pim6sd daemon? > > Yes. > > > > I see handlers for accepting MLD (v1 and v2) > > in pim6sd daemon; > > And in case MLD packets should be handled by pim6sd - shouldn't the kernel > > pass these MLD packets to the pim6sd daemon (by calling sock_queue_rcv_skb() > > in ip6mr.c) ? As far as I can understand, these MLD packets are > > dropped in icmpv6_rcv() > > From what I can tell, ip6_mc_input() makes a copy if multicast routing > is enabled. Those copies eventually get to ip6mr_cache_report() which > delivers them to user-space (there's even a reference to pim6sd in > net/ipv6/ip6mr.c). > > Have you seen them not get delivered? > > -Brian > -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists