lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Tue, 15 Apr 2014 16:25:35 -0700 From: Cong Wang <xiyou.wangcong@...il.com> To: netdev@...r.kernel.org Cc: Cong Wang <xiyou.wangcong@...il.com>, Eric Biederman <ebiederm@...ssion.com>, Julian Anastasov <ja@....bg>, "David S. Miller" <davem@...emloft.net>, Cong Wang <cwang@...pensource.com> Subject: [Patch net v2 2/2] ipv4,route: pass 0 instead of LOOPBACK_IFINDEX to fib_validate_source() From: Cong Wang <cwang@...pensource.com> In my special case, when a packet is redirected from veth0 to lo, its skb->dev->ifindex would be LOOPBACK_IFINDEX. Meanwhile we pass the hard-coded LOOPBACK_IFINDEX to fib_validate_source() in ip_route_input_slow(). This would cause the following check in fib_validate_source() fail: (dev->ifindex != oif || !IN_DEV_TX_REDIRECTS(idev)) when rp_filter is disabeld on loopback. As suggested by Julian, the caller should pass 0 here so that we will not end up by calling __fib_validate_source(). Cc: Eric Biederman <ebiederm@...ssion.com> Cc: Julian Anastasov <ja@....bg> Cc: David S. Miller <davem@...emloft.net> Signed-off-by: Cong Wang <xiyou.wangcong@...il.com> Signed-off-by: Cong Wang <cwang@...pensource.com> --- net/ipv4/route.c | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/net/ipv4/route.c b/net/ipv4/route.c index 1485aaf..db1e0da 100644 --- a/net/ipv4/route.c +++ b/net/ipv4/route.c @@ -1700,8 +1700,7 @@ static int ip_route_input_slow(struct sk_buff *skb, __be32 daddr, __be32 saddr, if (res.type == RTN_LOCAL) { err = fib_validate_source(skb, saddr, daddr, tos, - LOOPBACK_IFINDEX, - dev, in_dev, &itag); + 0, dev, in_dev, &itag); if (err < 0) goto martian_source_keep_err; goto local_input; -- 1.8.3.1 -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists