lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:	Tue, 21 Apr 2015 05:18:18 +0000
From:	Shachar Raindel <raindel@...lanox.com>
To:	Or Gerlitz <gerlitz.or@...il.com>,
	Jason Gunthorpe <jgunthorpe@...idianresearch.com>
CC:	Haggai Eran <haggaie@...lanox.com>,
	Doug Ledford <dledford@...hat.com>,
	Roland Dreier <roland@...nel.org>,
	Sean Hefty <sean.hefty@...el.com>,
	"linux-rdma@...r.kernel.org" <linux-rdma@...r.kernel.org>,
	Linux Netdev List <netdev@...r.kernel.org>,
	Liran Liss <liranl@...lanox.com>,
	Guy Shapiro <guysh@...lanox.com>,
	Yotam Kenneth <yotamke@...lanox.com>,
	Or Gerlitz <ogerlitz@...lanox.com>
Subject: RE: [PATCH v2 01/11] RDMA/CMA: Mark IPv4 addresses correctly when the
 listener is IPv6



> -----Original Message-----
> From: Or Gerlitz [mailto:gerlitz.or@...il.com]
> Sent: Monday, April 20, 2015 9:38 PM
> 
> On Mon, Apr 20, 2015 at 7:41 PM, Jason Gunthorpe
> <jgunthorpe@...idianresearch.com> wrote:
> > On Mon, Apr 20, 2015 at 12:03:32PM +0300, Haggai Eran wrote:
> >> From: Yotam Kenneth <yotamke@...lanox.com>
> >>
> >> When accepting a new connection with the listener being IPv6, the
> >> family of the new connection is set as IPv6. This causes
> cma_zero_addr
> >> function to return true on an non-zero address. As a result, the
> wrong
> >> code path is taken. This causes the connection request to be
> rejected,
> >> as the RDMA-CM code looks for the wrong type of device.
> >
> > This description doesn't really make sense as to what the problem is.
> >
> >> @@ -866,12 +866,12 @@ static void cma_save_ip4_info(struct rdma_cm_id
> *id, struct rdma_cm_id *listen_i
> >>
> >>       listen4 = (struct sockaddr_in *) &listen_id-
> >route.addr.src_addr;
> >>       ip4 = (struct sockaddr_in *) &id->route.addr.src_addr;
> >> -     ip4->sin_family = listen4->sin_family;
> >> +     ip4->sin_family = AF_INET;
> >
> > If listen_id->route.addr.src_addr.ss_family != AF_INET then it is
> > invalid to cast to sockaddr_in.
> >
> > So listen4->sin_family MUST be AF_INET or this function MUST NOT be
> > called.
> >
> > Forcing to AF_INET cannot be correct here.
> 
> Jason, could you take a look @ this thread
> http://marc.info/?t=141589395000004&r=1&w=2 where the authors
> addressed some comments from Sean and he eventually Acked the patch?
> 
> > What does this patch have to do with this series?
> 
> I believe it's either a pre-patch to address some assumption or
> something they stepped on while testing
> 

We stepped upon this issue while testing the containers support we are
Submitting here. When creating a new network namespace, the kernel set 
net->ipv6.sysctl.bindv6only to 0. As a result, we got the IPv6 listening
ID accepting IPv4 connection. This is fixed by the above patch.

Thanks,
--Shachar

Powered by blists - more mailing lists