lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date:	Wed, 06 Jun 2007 13:53:55 +0930
From:	Anton <>
Subject: sending IPv6 packets via kern_sendmsg 


Following on from a previous (now lost :-)) posting, I have been trying 
to send out IPv6 packets from a kernel module using the kern_sendmsg() 
function. Since in theory I need this function to be started in 
interrupt context (actually, softirq context), but since this is 
impossible because kern_sendmsg() needs to sleep, I have created a work 
queue which calls the kern_sendmsg() function separately. The work queue 
is scheduled from the softirq context (actually, at the moment this 
happens from a Netfilter hook). The work queue function creates a msghdr 
structure, fills in a sin6_addr structure, calls sock_create_kern() and 
then uses this socket to send an IPv6 packet, which consists of a header 
(struct ipv6hdr *iphdr) and some data following on from this. The above 
packet is placed in the msghdr structure by setting (after the 
appropriate initializations):
msg.msg_iov->iov_base = (char *) ip6hdr;
msg.msg_iov->iov_len = sizeof( struct ipv6hdr + ntohs( 
ip6hdr->payload_len ) );
msg.msg_iovlen = 1;
msg.msg_name = &sin6addr;
msg.msg_namelen = sizeof( struct sin6_addr );
However, when trying to send this using kern_sendmsg() (or even 
sock_sendmsg()) to perform the send operation, I get an error  (-22 - 
EINVAL), which, according to the user-space sendmsg(), corresponds to:
"The sum of the iov_len values overflows an ssize_t. "
Certainly this is not the case, since the packet in question is an 
ICMPv6 ping packet whose header size and data would rarely exceed 100 
The test is being run on kernel 2.6.18.
 From what I have read on the internet, in books and in a previous 
suggestion from the netdev mailing-list, the use of kern_sendmsg() seems 
to be the appropriate way of sending packets from a kernel module. Am I 
doing something incorrectly above, or should I be using some other 
function instead of kern_sendmsg() (or sock_sendmsg())?

I would appreciate any ideas.


IMPORTANT: This email remains the property of the Australian Defence Organisation and is subject to the jurisdiction of section 70 of the CRIMES ACT 1914.  If you have received this email in error, you are requested to contact the sender and delete the email.

To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to
More majordomo info at

Powered by blists - more mailing lists