lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Fri, 1 Nov 2013 18:21:41 +0100
From:	Emmanuel Thierry <emmanuel.thierry@...ecom-bretagne.eu>
To:	"netdev@...r.kernel.org" <netdev@...r.kernel.org>
Cc:	Hannes Frederic Sowa <hannes@...essinduktion.org>
Subject: [RFC PATCH 2/2] ipv6: don't use routing cache for inexact matchings


On route selection, make the cache to be used only when the flow
output interface corresponds to the next hop interface. This
fixes problems for IPv6 hosts in multi-interfaces setup.

When a packet is sent through an interface, the RTF_CACHE entry
is created based on a specific flow information (e.g. with
fl6->flowi6_oif set to a specific value). If another packet is
sent with a different flow information than the first one, the
RTF_CACHE entry is used regardless of flow information, even if
this information would make the route selection algorithm to
select a different route.

By ignoring RTF_CACHE entries for which rt6_check_dev() fails,
we ensure consistency of the route selection algorithm.

Signed-off-by: Emmanuel Thierry <emmanuel.thierry@...ecom-bretagne.eu>
---
 net/ipv6/route.c |    3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/net/ipv6/route.c b/net/ipv6/route.c
index f54e3a1..65ce3d9 100644
--- a/net/ipv6/route.c
+++ b/net/ipv6/route.c
@@ -595,7 +595,8 @@ static int rt6_score_route(struct rt6_info *rt, int oif,
 	int m;
 
 	m = rt6_check_dev(rt, oif);
-	if (!m && (strict & RT6_LOOKUP_F_IFACE))
+	if (!m &&
+	    ((strict & RT6_LOOKUP_F_IFACE) || (rt->rt6i_flags & RTF_CACHE)))
 		return RT6_NUD_FAIL_HARD;
 #ifdef CONFIG_IPV6_ROUTER_PREF
 	m |= IPV6_DECODE_PREF(IPV6_EXTRACT_PREF(rt->rt6i_flags)) << 2;
-- 
1.7.9.5
--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ