lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <alpine.LFD.2.00.1308241105220.1641@ja.ssi.bg>
Date:	Sat, 24 Aug 2013 11:35:44 +0300 (EEST)
From:	Julian Anastasov <ja@....bg>
To:	Chris Clark <chris.clark@...atel-lucent.com>
cc:	davem@...emloft.net, netdev@...r.kernel.org
Subject: Re: sendto() bug?


	Hello,

On Fri, 23 Aug 2013, Chris Clark wrote:

> In the same vein as 2ad5b9e4, I'm soliciting feedback on something
> similar for raw_sendmsg():
> 
> =================================================================
> diff --git a/net/ipv4/raw.c b/net/ipv4/raw.c
> index dd44e0a..454d9c1 100644
> --- a/net/ipv4/raw.c
> +++ b/net/ipv4/raw.c
> @@ -571,7 +571,9 @@ static int raw_sendmsg(struct kiocb *iocb, struct sock *sk, struct msghdr *msg,
>         flowi4_init_output(&fl4, ipc.oif, sk->sk_mark, tos,
>                            RT_SCOPE_UNIVERSE,
>                            inet->hdrincl ? IPPROTO_RAW : sk->sk_protocol,
> -                          inet_sk_flowi_flags(sk) | FLOWI_FLAG_CAN_SLEEP,
> +                          inet_sk_flowi_flags(sk) | FLOWI_FLAG_CAN_SLEEP
> +                           | ((msg->msg_namelen
> +                               && (tos & RTO_ONLINK)) ? FLOWI_FLAG_KNOWN_NH : 0),
>                            daddr, saddr, 0, 0);
> 
>         if (!inet->hdrincl) {
> =================================================================
> 
> The thought here is to apply the FLOWI_FLAG_KNOWN_NH flag when:
>  (a) The dest_addr is given explicitly (msg->msg_namelen), and
>  (b) The socket is in MSG_DONTROUTE mode (tos & RTO_ONLINK).

	IMHO, FLOWI_FLAG_KNOWN_NH should be set only
for the inet->hdrincl case, otherwise it is set from
routing result: ip_push_pending_frames -> ip_finish_skb ->
__ip_make_skb -> ip_copy_addrs.

	The both cases for hdrincl (usin->sin_addr.s_addr
and inet->inet_daddr) can provide different address, so
it should work also for connected sockets.

	And it should not depend on MSG_DONTROUTE because
daddr for routing and daddr in header can be two
different IPs in local subnet, the user should not
be restricted to use MSG_DONTROUTE just to send
correct ARP request.

	So, something like
(inet->hdrincl ? FLOWI_FLAG_KNOWN_NH : 0) ?

Regards

--
Julian Anastasov <ja@....bg>
--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ