lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Thu, 21 Aug 2014 19:22:27 +0200 From: Johannes Berg <johannes@...solutions.net> To: linux-wireless@...r.kernel.org, netdev@...r.kernel.org Cc: Johannes Berg <johannes.berg@...el.com> Subject: [RFC] net: ipv4: drop unicast encapsulated in L2 multicast From: Johannes Berg <johannes.berg@...el.com> RFC 1122 says that unicast packets encapsulated in broadcast link-layer packets should be dropped. Implement that, but also extend it to link-layer multicast packets. Signed-off-by: Johannes Berg <johannes.berg@...el.com> --- net/ipv4/route.c | 17 +++++++++++++++++ 1 file changed, 17 insertions(+) diff --git a/net/ipv4/route.c b/net/ipv4/route.c index eaa4b000c7b4..c374fcc73ee0 100644 --- a/net/ipv4/route.c +++ b/net/ipv4/route.c @@ -1710,6 +1710,23 @@ static int ip_route_input_slow(struct sk_buff *skb, __be32 daddr, __be32 saddr, goto no_route; } + /* RFC 1122 3.3.6: + * + * When a host sends a datagram to a link-layer broadcast address, + * the IP destination address MUST be a legal IP broadcast or IP + * multicast address. + * + * A host SHOULD silently discard a datagram that is received via + * a link-layer broadcast (see Section 2.4) but does not specify + * an IP multicast or broadcast destination address. + * + * We also do this for link-layer multicast. + */ + if ((skb->pkt_type == PACKET_BROADCAST || + skb->pkt_type == PACKET_MULTICAST) && + res.type != RTN_BROADCAST) + goto e_inval; + if (res.type == RTN_BROADCAST) goto brd_input; -- 2.0.0 -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists