| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <1502361196-127278-2-git-send-email-ilyal@mellanox.com>
Date: Thu, 10 Aug 2017 13:33:14 +0300
From: Ilya Lesokhin <ilyal@...lanox.com>
To: netdev@...r.kernel.org
Cc: davejwatson@...com, aviadye@...lanox.com,
Ilya Lesokhin <ilyal@...lanox.com>,
Boris Pismenny <borisp@...lanox.com>
Subject: [PATCH 1/3] ipv6: Prevent unexpected sk->sk_prot changes
With this patch IPV6 code ensure that only sockets with the
expected sk->sk_prot are converted to IPV4.
Signed-off-by: Boris Pismenny <borisp@...lanox.com>
---
net/ipv6/ipv6_sockglue.c | 12 ++++++++++++
1 file changed, 12 insertions(+)
diff --git a/net/ipv6/ipv6_sockglue.c b/net/ipv6/ipv6_sockglue.c
index 02d795f..318cd344 100644
--- a/net/ipv6/ipv6_sockglue.c
+++ b/net/ipv6/ipv6_sockglue.c
@@ -174,6 +174,7 @@ static int do_ipv6_setsockopt(struct sock *sk, int level, int optname,
if (val == PF_INET) {
struct ipv6_txoptions *opt;
struct sk_buff *pktopt;
+ struct proto *expected_prot;
if (sk->sk_type == SOCK_RAW)
break;
@@ -199,6 +200,17 @@ static int do_ipv6_setsockopt(struct sock *sk, int level, int optname,
break;
}
+ if (sk->sk_protocol == IPPROTO_TCP &&
+ sk->sk_prot != &tcpv6_prot)
+ break;
+
+ expected_prot = &udpv6_prot;
+ if (sk->sk_protocol == IPPROTO_UDPLITE)
+ expected_prot = &udplitev6_prot;
+
+ if (sk->sk_prot != expected_prot)
+ break;
+
fl6_free_socklist(sk);
__ipv6_sock_mc_close(sk);
--
1.8.3.1
Powered by blists - more mailing lists