| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <20160129.203147.89087242679903549.davem@davemloft.net>
Date: Fri, 29 Jan 2016 20:31:47 -0800 (PST)
From: David Miller <davem@...emloft.net>
To: pabeni@...hat.com
Cc: netdev@...r.kernel.org, dsa@...ulusnetworks.com,
thehajime@...il.com, lucien.xin@...il.com,
marcelo.leitner@...il.com, hannes@...essinduktion.org,
yoshfuji@...ux-ipv6.org
Subject: Re: [PATCH net v2 0/2] pv6: fix sticky pktinfo behaviour
From: Paolo Abeni <pabeni@...hat.com>
Date: Fri, 29 Jan 2016 12:30:18 +0100
> Currently:
>
> ip addr add dev eth0 2001:0010::1/64
> ip addr add dev eth1 2001:0020::1/64
> ping6 -I eth0 2001:0020::2
>
> do not lead to the expected results, i.e. eth1 is used as the
> egress interface.
>
> This is due to two related issues in handling sticky pktinfo,
> used by ping6 to enforce the device binding:
>
> - ip6_dst_lookup_flow()/ip6_dst_lookup_tail() do not really enforce
> flowi6_oif match
> - ipv6 udp connect() just ignore flowi6_oif
>
> These patches address each issue individually.
>
> The kernel has never enforced the egress interface specified
> via the sticky pktinfo, except briefly between the commits
> 741a11d9e410 ("net: ipv6: Add RT6_LOOKUP_F_IFACE flag if oif is set")
> and
> d46a9d678e4c ("net: ipv6: Dont add RT6_LOOKUP_F_IFACE flag if saddr set"),
> but the ping6 tools was unaffected up to iputils-20100214,
> since before it used SO_BINDTODEVICE to enforce the egress
> interface.
Series applied, thanks.
Powered by blists - more mailing lists