| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 04 May 2010 10:40:58 -0400
From: Brian Haley <brian.haley@...com>
To: David Miller <davem@...emloft.net>
CC: dlstevens@...ibm.com, enh@...gle.com, netdev@...r.kernel.org,
netdev-owner@...r.kernel.org
Subject: Re: linux kernel's IPV6_MULTICAST_HOPS default is 64; should be 1?
David Miller wrote:
> From: David Stevens <dlstevens@...ibm.com>
> Date: Tue, 4 May 2010 00:48:46 -0700
>
>> It's set to -1 by default, but the common code for unicast and
>> multicast in getsockopt is falling through to use the dst_entry.
>>
>> I believe (though I haven't actually tried it recently) it actually
>> uses "1" for the default value for multicast;
No, on-the-wire it's actually 64.
> It doesn't, all of the uses in the ipv6 stack say something like:
>
> if (multicast)
> hlimit = np->mcast_hops;
> else
> hlimit = np->hop_limit;
> if (hlimit < 0)
> hlimit = ip6_dst_hoplimit(dst);
>
> Therefore, the change suggested by Elliot and which I committed is the
> way to get the correct behavior and fix this.
Not exactly. It fixes the case where it's wrong by default, but
the corner case of setting it to -1 via setsockopt() says:
x == -1: use kernel default
But that will revert back to the kernel using 64 on the next transmit.
I can work on an update to this that makes a new mcast_hops per-interface
setting and makes ip6_dst_hoplimit() aware of it. Or even easier, just
have setsockopt() trap the -1 and set np->mcast_hops to 1. Built but
untested patch below.
-Brian
--
Specifying -1 for setsockopt(IPV6_MULTICAST_HOPS) should set the socket
value back to the system default value of IPV6_DEFAULT_MCASTHOPS (1).
Signed-off-by: Brian Haley <brian.haley@...com>
diff --git a/net/ipv6/ipv6_sockglue.c b/net/ipv6/ipv6_sockglue.c
index bd43f01..fa6875b 100644
--- a/net/ipv6/ipv6_sockglue.c
+++ b/net/ipv6/ipv6_sockglue.c
@@ -486,7 +486,10 @@ done:
goto e_inval;
if (val > 255 || val < -1)
goto e_inval;
- np->mcast_hops = val;
+ if (val == -1)
+ np->mcast_hops = IPV6_DEFAULT_MCASTHOPS;
+ else
+ np->mcast_hops = val;
retv = 0;
break;
--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists