lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Date:	Tue, 7 Jan 2014 04:38:22 -0800 (PST)
From:	François-Xavier Le Bail <fx.lebail@...oo.com>
To:	Hannes Frederic Sowa <hannes@...essinduktion.org>
Cc:	David Miller <davem@...emloft.net>, netdev@...r.kernel.org,
	kuznet@....inr.ac.ru, jmorris@...ei.org, yoshfuji@...ux-ipv6.org,
	kaber@...sh.net
Subject: Re: [PATCH net-next v4] IPv6: use anycast addresses as source addresses in echo reply

On Mon, 1/6/14, Hannes Frederic Sowa <hannes@...essinduktion.org> wrote:


> > > I think we should pass a valid device in unless it
> > > breaks something obvious.

> > The problem is that "saddr" is not necessarily an address on "skb->dev"
> > in icmpv6_echo_reply(). It may be an address on another interface.
 
> Maybe you're right, but then I don't get it. Could you make
> an example?

Yes :
box with eth1, eth2, forwarding enable.

echo request arrives on eth2
-------------------------------> eth2 (2a01:3::1)  {forwarding enable}   eth1 (2a01:2::1)

if dest == 2a01:3::
Jan  7 10:36:36 localhost kernel: [   59.155376] icmpv6_echo_reply: saddr == 2a01:3::
Jan  7 10:36:36 localhost kernel: [   59.155395] icmpv6_echo_reply: skb->dev->name == eth2
Jan  7 10:36:36 localhost kernel: [   59.155398] icmpv6_echo_reply: ipv6_chk_acast_addr(net, skb->dev, saddr) == 1
Jan  7 10:36:36 localhost kernel: [   59.155400] icmpv6_echo_reply: ipv6_chk_acast_addr(net, NULL, saddr) == 1
if dest == 2a01:2::
Jan  7 10:36:46 localhost kernel: [   68.807565] icmpv6_echo_reply: saddr == 2a01:2::
Jan  7 10:36:46 localhost kernel: [   68.807580] icmpv6_echo_reply: skb->dev->name == eth2
Jan  7 10:36:46 localhost kernel: [   68.807583] icmpv6_echo_reply: ipv6_chk_acast_addr(net, skb->dev, saddr) == 0
Jan  7 10:36:46 localhost kernel: [   68.807586] icmpv6_echo_reply: ipv6_chk_acast_addr(net, NULL, saddr) == 1

So, as 2a01:2:: is a address on eth1, ipv6_chk_acast_addr(net, skb->dev, saddr) with dev == eth2 return 0.

It is the reason why I use dev == NULL.

Do your tests show something different ?

Anyway, although I think that this solution is valid, I am testing another way to do this change.

BR,
Francois-Xavier
--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ