| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 25 Mar 2014 20:13:00 +0100
From: Hannes Frederic Sowa <hannes@...essinduktion.org>
To: Simon Schneider <simon-schneider@....net>
Cc: netdev@...r.kernel.org
Subject: Re: Re: Re: Link-local source IPv6 address in unicast Neighbor Solicitation towards global destination
Hi Simon,
On Tue, Mar 11, 2014 at 01:15:17PM +0100, Simon Schneider wrote:
> Hi Hannes,
> thanks a lot.
>
> We'll integrate and test the patch.
Did the patch improve the situation for you? I wonder because I would like to
submit it for net-next then.
Thanks,
Hannes
> > Gesendet: Montag, 10. März 2014 um 03:44 Uhr
> > Von: "Hannes Frederic Sowa" <hannes@...essinduktion.org>
> > An: "Simon Schneider" <simon-schneider@....net>
> > Cc: netdev@...r.kernel.org
> > Betreff: Re: Re: Link-local source IPv6 address in unicast Neighbor Solicitation towards global destination
> >
> > Hi Simon!
> >
> > On Thu, Mar 06, 2014 at 10:18:23AM +0100, Simon Schneider wrote:
> > > thanks, checking that would be good.
> > >
> > > Another point here (probably a bit academic): without link-local address on the interface (just the global one), the unicast NS for NUD is not sent at all.
> > >
> > > The neighbor cache entry is in DELAY state for some time, unicast NS is not sent, then the entry is moved to FAILED rather quickly.
> >
> > Yep, that's the case. IMHO undefined behaviour so it is ok but could
> > be improved.
> >
> > This would be the patch, should improve your initial observation and would
> > also "fix" the situation you noted above. Could you give it a test drive?
> >
> > diff --git a/net/ipv6/ndisc.c b/net/ipv6/ndisc.c
> > index 09a22f4..43c66f6 100644
> > --- a/net/ipv6/ndisc.c
> > +++ b/net/ipv6/ndisc.c
> > @@ -553,7 +553,17 @@ void ndisc_send_ns(struct net_device *dev, struct neighbour *neigh,
> > struct nd_msg *msg;
> >
> > if (saddr == NULL) {
> > - if (ipv6_get_lladdr(dev, &addr_buf,
> > + if (!ipv6_dev_get_saddr(dev_net(dev), dev, daddr,
> > + inet6_sk(dev_net(dev)->ipv6.ndisc_sk)->srcprefs,
> > + &addr_buf) &&
> > + ipv6_chk_addr(dev_net(dev), &addr_buf, dev, 1)) {
> > + struct inet6_ifaddr *ifp = ipv6_get_ifaddr(dev_net(dev), &addr_buf, dev, 1);
> > + if (ifp && !(ifp->flags & IFA_F_OPTIMISTIC))
> > + saddr = &addr_buf;
> > + in6_ifa_put(ifp);
> > + }
> > +
> > + if (!saddr && ipv6_get_lladdr(dev, &addr_buf,
> > (IFA_F_TENTATIVE|IFA_F_OPTIMISTIC)))
> > return;
> > saddr = &addr_buf;
> >
> >
> > Thanks,
> >
> > Hannes
> >
> >
> --
> To unsubscribe from this list: send the line "unsubscribe netdev" in
> the body of a message to majordomo@...r.kernel.org
> More majordomo info at http://vger.kernel.org/majordomo-info.html
>
--
gruss,
Hannes
--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists