| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <34c7b892-a1fc-a9b2-b1ef-848341f51d52@gmail.com> Date: Tue, 1 Jan 2019 09:24:15 -0700 From: David Ahern <dsahern@...il.com> To: Ralf Jung <post@...fj.de>, netdev@...r.kernel.org Cc: Ondrej Zajicek <santiago@...reenet.org>, jan.matejka@....cz Subject: Re: Cannot bind to IPv6 address in VRF On 1/1/19 7:58 AM, Ralf Jung wrote: > If instead, in the last line, I use the IPv6 address of eth0 (which is not > inside this VRF), the `bind` call succeeds. On the other hand, when I try using > the eth0 IPv4 address in the first block, `bind` fails as expected because the > address is not inside `vrf_freifunk`. > If I replace `vrf_freifunk` by `tun-up-a_ak` (which is more like what Bird > does), the behavior remains the same. > > I think this is a kernel bug, it seems like setting `SO_BINDTODEVICE` on the > IPv6 socket is just ignored entirely. > I see the problem. The check on the address bind is not considering the L3 domain - or even the device at all. That's why binding to an address in the default VRF works, but bind to an address in a VRF fails (requires an l3mdev match). Not sure how this has fallen through the cracks over the last 3 years. I will send a patch. Most likely will not happen until tomorrow.
Powered by blists - more mailing lists