| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 19 Feb 2020 09:45:10 -0500
From: Alexander Aring <alex.aring@...il.com>
To: davem@...emloft.net
Cc: kuznet@....inr.ac.ru, yoshfuji@...ux-ipv6.org, kuba@...nel.org,
dav.lebrun@...il.com, mcr@...delman.ca, stefan@...enfreihafen.org,
kai.beckmann@...rm.de, martin.gergeleit@...rm.de,
robert.kaiser@...rm.de, netdev@...r.kernel.org
Subject: Re: [PACTH net-next 5/5] net: ipv6: add rpl sr tunnel
Hi,
On Mon, Feb 17, 2020 at 05:35:41PM -0500, Alexander Aring wrote:
> This patch adds functionality to configure routes for RPL source routing
> functionality. There is no IPIP functionality yet implemented which can
> be added later when the cases when to use IPv6 encapuslation comes more
> clear.
>
...
> +
> +static bool rpl_validate_srh(struct net *net, struct ipv6_rpl_sr_hdr *srh,
> + size_t seglen)
> +{
> + int err;
> +
> + if ((srh->hdrlen << 3) != seglen)
> + return false;
> +
I added here a:
/* check at least one segment and seglen fit with segments_left */
if (!srh->segments_left ||
(srh->segments_left * sizeof(struct in6_addr)) != seglen)
return false;
which makes sense to do. No zero segments and check if seglen is the
same as 16 * segments, because we don't support to set compressed
segments yet and I don't know if we ever will.
> + if (srh->cmpri || srh->cmpre)
> + return false;
> +
> + err = ipv6_chk_rpl_srh_loop(net, srh->rpl_segaddr,
> + srh->segments_left);
> + if (err)
> + return false;
> +
> + if (ipv6_addr_type(&srh->rpl_segaddr[srh->segments_left - 1]) &
> + IPV6_ADDR_MULTICAST)
> + return false;
> +
> + return true;
> +}
> +
- Alex
Powered by blists - more mailing lists