lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Tue, 30 Oct 2012 11:42:48 +0100
From:	Eric Dumazet <eric.dumazet@...il.com>
To:	Steven Barth <steven@...link.org>
Cc:	netdev@...r.kernel.org
Subject: Re: IPV6_PKTINFO seems not to be honored correctly by RAW-sockets

From: Eric Dumazet <edumazet@...gle.com>

On Tue, 2012-10-30 at 09:58 +0100, Steven Barth wrote:
> Hi,
> 
> I recently noticed that there might be an unexpected behavior in the 
> handling of IPV6_PKTINFO for RAW-sockets. It seems that the given 
> destination interface is ignored.
> 
> I just reproduced this on 3.7.0-rc3 vanilla but some quick tests with 
> 2.6.32 and 3.5 distro-kernels on different machines showed the same.
> 
> I've noticed this first in my own software but I could also reproduce it 
> easily with standard tools like ping6 from iputils:
> 
> Have 2 network interfaces with (global) IPv6-addresses assigned (e.g. 
> eth0 with fd00::1/64 and eth1 with fd01::1/64) and do a ping6 -I eth1 
> fd00::1 (ping6 from iputils uses IPV6_PKTINFO internally).
> 
> For me the result was that even though I set the interface to eth1 the 
> ECHO was still send to eth0.
> 
> Also (although probably unrelated) forwarding for IPv6 was disabled.
> 
> If I try something similar with IPv4 and ping -I ... the ECHO doesn't go 
> out on eth0 but - as expected - on eth1.
> 
> However if I use traceroute(6) with -I (ICMP-traceroute) and the -i 
> option to determine the interface, packages seem to be sent through the 
> expected interface. Internally it seems that traceroute(6) uses 
> SO_BINDTODEVICE instead of IP(V6)_PKTINFO which seems to work.
> 
> So it seems there might be something wrong with IPV6_PKTINFO or is this 
> expected behavior?
> 

I believe its not expected behavior.

Is the following patch fixing it ?

Thanks

[PATCH] ipv6: raw: honor IPV6_PKTINFO 

Let ping6 -I interface works correctly.

If socket was not bound to a given interface, check if IPV6_PKTINFO was
issued on this socket.

Reported-by: Steven Barth <steven@...link.org>
Signed-off-by: Eric Dumazet <edumazet@...gle.com>
---
diff --git a/net/ipv6/raw.c b/net/ipv6/raw.c
index d8e95c7..363ee65 100644
--- a/net/ipv6/raw.c
+++ b/net/ipv6/raw.c
@@ -814,8 +814,8 @@ static int rawv6_sendmsg(struct kiocb *iocb, struct sock *sk,
 		fl6.flowlabel = np->flow_label;
 	}
 
-	if (fl6.flowi6_oif == 0)
-		fl6.flowi6_oif = sk->sk_bound_dev_if;
+	if (!fl6.flowi6_oif)
+		fl6.flowi6_oif = sk->sk_bound_dev_if ?: np->sticky_pktinfo.ipi6_ifindex;
 
 	if (msg->msg_controllen) {
 		opt = &opt_space;


--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ