lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Date:	Wed, 31 Jan 2007 10:08:32 +0900 (JST)
From:	YOSHIFUJI Hideaki / 吉藤英明 
	<yoshfuji@...ux-ipv6.org>
To:	weid@...css.fujitsu.com
Cc:	usagi-users@...ux-ipv6.org, netdev@...r.kernel.org,
	yoshfuji@...ux-ipv6.org, davem@...emloft.net
Subject: Re: [Patch][IPv6] Fix wrong routing mechanism for Link Local IPv6
 packets

In article <1172069832.2682.18.camel@...E> (at Wed, 21 Feb 2007 09:57:12 -0500), weidong <weid@...css.fujitsu.com> says:

> The following is the figure.
:
> Host eth0: fe80::200:ff:fe00:100
> Router eth0: fe80::20c:29ff:fe24:fa0a
> Router eth1: fe80::20c:29ff:fe24:fa14

 Other network
      |
      | eth1
 +----+----+
 | Router  |
 +----+----+
      | eth0
      |
      | eth0
 +----+----+
 |  Host   |
 +---------+

> We ping6 from host's eth0 to Router's eth1. Echo Request's src addr =
> fe80::200:ff:fe00:100, dst addr = fe80::20c:29ff:fe24:fa14. And Kernel
> just send ICMPv6 redirect packet and then forward the Echo Request to
> router's eth0. If we run tcpdump on Host eth0, we can receive the ICMPv6
> Redirect packet. And if we send NA which advertises

This is correct, and intended behavior.

> fe80::20c:29ff:fe24:fa14 MAC address(this is very easy for v6eval tool),
> we also can receive the forwarded Echo Request(src:fe80::200:ff:fe00:100
> dst is fe80::20c:29ff:fe24:fa14). 

Well, this is known issue, actually.

While this cannot happen in normal operation, we should NOT accept
such traffic. :-)

Here is the (untested) fix.

-----
[IPV6] ROUTE: Do not accept traffic for link-local address on different interface.

Signed-off-by: YOSHIFUJI Hideaki <yoshfuji@...ux-ipv6.org>

--- 
diff --git a/net/ipv6/route.c b/net/ipv6/route.c
index 5f0043c..a7468e0 100644
--- a/net/ipv6/route.c
+++ b/net/ipv6/route.c
@@ -311,12 +311,19 @@ static inline void rt6_probe(struct rt6_info *rt)
 static int inline rt6_check_dev(struct rt6_info *rt, int oif)
 {
 	struct net_device *dev = rt->rt6i_dev;
+	int ret = 0;
+
+	if (dev->flags & IFF_LOOPBACK) {
+		if (!WARN_ON(rt->rt6i_idev == NULL) &&
+		    rt->rt6i_idev->dev->ifindex == oif)
+			ret = 1;
+		else
+			return 0;
+	}
 	if (!oif || dev->ifindex == oif)
 		return 2;
-	if ((dev->flags & IFF_LOOPBACK) &&
-	    rt->rt6i_idev && rt->rt6i_idev->dev->ifindex == oif)
-		return 1;
-	return 0;
+
+	return ret;
 }
 
 static int inline rt6_check_neigh(struct rt6_info *rt)

-- 
YOSHIFUJI Hideaki @ USAGI Project  <yoshfuji@...ux-ipv6.org>
GPG-FP  : 9022 65EB 1ECF 3AD1 0BDF  80D8 4807 F894 E062 0EEA
-
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists