lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date:   Tue, 15 Nov 2022 11:12:16 +0100
From:   Geert Uytterhoeven <geert+renesas@...der.be>
To:     Jamie Bainbridge <jamie.bainbridge@...il.com>,
        Eric Dumazet <edumazet@...gle.com>,
        "David S . Miller" <davem@...emloft.net>,
        Hideaki YOSHIFUJI <yoshfuji@...ux-ipv6.org>,
        David Ahern <dsahern@...nel.org>,
        Jakub Kicinski <kuba@...nel.org>,
        Paolo Abeni <pabeni@...hat.com>,
        Chris Down <chris@...isdown.name>,
        Stephen Hemminger <stephen@...workplumber.org>
Cc:     netdev@...r.kernel.org, linux-kernel@...r.kernel.org,
        Geert Uytterhoeven <geert+renesas@...der.be>
Subject: [PATCH net-next] tcp: Fix tcp_syn_flood_action() if CONFIG_IPV6=n

If CONFIG_IPV6=n:

    net/ipv4/tcp_input.c: In function ‘tcp_syn_flood_action’:
    include/net/sock.h:387:37: error: ‘const struct sock_common’ has no member named ‘skc_v6_rcv_saddr’; did you mean ‘skc_rcv_saddr’?
      387 | #define sk_v6_rcv_saddr __sk_common.skc_v6_rcv_saddr
	  |                                     ^~~~~~~~~~~~~~~~
    include/linux/printk.h:429:19: note: in definition of macro ‘printk_index_wrap’
      429 |   _p_func(_fmt, ##__VA_ARGS__);    \
	  |                   ^~~~~~~~~~~
    include/linux/printk.h:530:2: note: in expansion of macro ‘printk’
      530 |  printk(KERN_INFO pr_fmt(fmt), ##__VA_ARGS__)
	  |  ^~~~~~
    include/linux/net.h:272:3: note: in expansion of macro ‘pr_info’
      272 |   function(__VA_ARGS__);    \
	  |   ^~~~~~~~
    include/linux/net.h:288:2: note: in expansion of macro ‘net_ratelimited_function’
      288 |  net_ratelimited_function(pr_info, fmt, ##__VA_ARGS__)
	  |  ^~~~~~~~~~~~~~~~~~~~~~~~
    include/linux/net.h:288:43: note: in expansion of macro ‘sk_v6_rcv_saddr’
      288 |  net_ratelimited_function(pr_info, fmt, ##__VA_ARGS__)
	  |                                           ^~~~~~~~~~~
    net/ipv4/tcp_input.c:6847:4: note: in expansion of macro ‘net_info_ratelimited’
     6847 |    net_info_ratelimited("%s: Possible SYN flooding on port [%pI6c]:%u. %s.\n",
	  |    ^~~~~~~~~~~~~~~~~~~~

Fix this by using "#if" instead of "if", like is done for all other
checks for CONFIG_IPV6.

Fixes: d9282e48c6088105 ("tcp: Add listening address to SYN flood message")
Signed-off-by: Geert Uytterhoeven <geert+renesas@...der.be>
---
 net/ipv4/tcp_input.c | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/net/ipv4/tcp_input.c b/net/ipv4/tcp_input.c
index 94024fdc2da1b28a..e5d7a33fac6666bb 100644
--- a/net/ipv4/tcp_input.c
+++ b/net/ipv4/tcp_input.c
@@ -6843,11 +6843,14 @@ static bool tcp_syn_flood_action(const struct sock *sk, const char *proto)
 
 	if (!queue->synflood_warned && syncookies != 2 &&
 	    xchg(&queue->synflood_warned, 1) == 0) {
-		if (IS_ENABLED(CONFIG_IPV6) && sk->sk_family == AF_INET6) {
+#if IS_ENABLED(CONFIG_IPV6)
+		if (sk->sk_family == AF_INET6) {
 			net_info_ratelimited("%s: Possible SYN flooding on port [%pI6c]:%u. %s.\n",
 					proto, &sk->sk_v6_rcv_saddr,
 					sk->sk_num, msg);
-		} else {
+		} else
+#endif
+		{
 			net_info_ratelimited("%s: Possible SYN flooding on port %pI4:%u. %s.\n",
 					proto, &sk->sk_rcv_saddr,
 					sk->sk_num, msg);
-- 
2.25.1

Powered by blists - more mailing lists