| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 13 Mar 2017 00:01:35 +0100
From: Hannes Frederic Sowa <hannes@...essinduktion.org>
To: netdev@...r.kernel.org
Subject: [PATCH net-next RFC v1 11/27] afnetns: validate afnetns in inet_allow_bind
Signed-off-by: Hannes Frederic Sowa <hannes@...essinduktion.org>
---
net/ipv4/af_inet.c | 11 +++++++++++
1 file changed, 11 insertions(+)
diff --git a/net/ipv4/af_inet.c b/net/ipv4/af_inet.c
index aee599e23137e7..5f11399bafd16f 100644
--- a/net/ipv4/af_inet.c
+++ b/net/ipv4/af_inet.c
@@ -453,6 +453,17 @@ int inet_allow_bind(struct sock *sk, __be32 addr)
chk_addr_ret != RTN_BROADCAST)
return -EADDRNOTAVAIL;
+ if (chk_addr_ret == RTN_LOCAL &&
+ net_afnetns(net) != sock_afnetns(sk)) {
+ struct afnetns *afnetns;
+
+ rcu_read_lock();
+ afnetns = ifa_find_afnetns_rcu(net, addr);
+ if (afnetns != sock_afnetns(sk))
+ chk_addr_ret = -EADDRNOTAVAIL;
+ rcu_read_unlock();
+ }
+
return chk_addr_ret;
}
EXPORT_SYMBOL(inet_allow_bind);
--
2.9.3
Powered by blists - more mailing lists