| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 11 Nov 2015 14:49:57 +0900 From: Kouya Shimura <kouya@...fujitsu.com> To: <netdev@...r.kernel.org>, <linux-kernel@...r.kernel.org> CC: "David S. Miller" <davem@...emloft.net> Subject: ipv4: ip unreachable with SO_BINDTODEVICE socket Hi When both server and client are on the same machine and each their socket option is set to SO_BINDTODEVICE, sometimes a packet doesn't reach to the server. The reproducible test program is attached. (modify "IF_ADDR=, IP_ADDR=, PORT=" lines appropriately). Please try 'taskset -c 1 python test.py' since per cpu data (rt_cache) affects results. Also 'tcpdump -i lo' is helpful for testing. you can see "ICMP udp port unreachable". In this test program, a packet doesn't pass through the bound interface but 'lo' interface. So, it might be granted that local communication with SO_BINDTODEVICE socket fails. However, dnsmasq and dhcp_release commands rely on it (Actually I've found this issue on the OpenStack envirionment) and the test program works well on linux-2.6.32 but doesn't work on linux-3.10.0 and 4.3.0. I'd like to know whether this is a kernel bug or the specification of SO_BINDTODEVICE. The attached patch fixes this issue, but no confidence this is a right modification. Thanks, Kouya View attachment "test.py" of type "text/plain" (1783 bytes) View attachment "0001-PATCH-net-ipv4-re-create-rt_dst-when-rt_iif-doesn-t-.patch" of type "text/plain" (811 bytes)
Powered by blists - more mailing lists