lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Tue, 11 Mar 2014 13:15:17 +0100
From:	"Simon Schneider" <simon-schneider@....net>
To:	"Hannes Frederic Sowa" <hannes@...essinduktion.org>
Cc:	netdev@...r.kernel.org
Subject: Aw: Re: Re: Link-local source IPv6 address in unicast Neighbor
 Solicitation towards global destination

Hi Hannes,
thanks a lot.

We'll integrate and test the patch.

best regards,Simon


> Gesendet: Montag, 10. März 2014 um 03:44 Uhr
> Von: "Hannes Frederic Sowa" <hannes@...essinduktion.org>
> An: "Simon Schneider" <simon-schneider@....net>
> Cc: netdev@...r.kernel.org
> Betreff: Re: Re: Link-local source IPv6 address in unicast Neighbor Solicitation towards global destination
>
> Hi Simon!
> 
> On Thu, Mar 06, 2014 at 10:18:23AM +0100, Simon Schneider wrote:
> > thanks, checking that would be good.
> > 
> > Another point here (probably a bit academic): without link-local address on the interface (just the global one), the unicast NS for NUD is not sent at all.
> > 
> > The neighbor cache entry is in DELAY state for some time, unicast NS is not sent, then the entry is moved to FAILED rather quickly.
> 
> Yep, that's the case. IMHO undefined behaviour so it is ok but could
> be improved.
> 
> This would be the patch, should improve your initial observation and would
> also "fix" the situation you noted above. Could you give it a test drive?
> 
> diff --git a/net/ipv6/ndisc.c b/net/ipv6/ndisc.c
> index 09a22f4..43c66f6 100644
> --- a/net/ipv6/ndisc.c
> +++ b/net/ipv6/ndisc.c
> @@ -553,7 +553,17 @@ void ndisc_send_ns(struct net_device *dev, struct neighbour *neigh,
>  	struct nd_msg *msg;
>  
>  	if (saddr == NULL) {
> -		if (ipv6_get_lladdr(dev, &addr_buf,
> +		if (!ipv6_dev_get_saddr(dev_net(dev), dev, daddr,
> +				       inet6_sk(dev_net(dev)->ipv6.ndisc_sk)->srcprefs,
> +				       &addr_buf) &&
> +		    ipv6_chk_addr(dev_net(dev), &addr_buf, dev, 1)) {
> +			struct inet6_ifaddr *ifp = ipv6_get_ifaddr(dev_net(dev), &addr_buf, dev, 1);
> +			if (ifp && !(ifp->flags & IFA_F_OPTIMISTIC))
> +				saddr = &addr_buf;
> +			in6_ifa_put(ifp);
> +		}
> +
> +		if (!saddr && ipv6_get_lladdr(dev, &addr_buf,
>  				   (IFA_F_TENTATIVE|IFA_F_OPTIMISTIC)))
>  			return;
>  		saddr = &addr_buf;
> 
> 
> Thanks,
> 
>   Hannes
> 
>
--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ