Date:   Tue, 22 Feb 2022 09:41:27 -0800
From:   Stephen Hemminger <stephen@...workplumber.org>
To:     netdev@...r.kernel.org
Subject: Fw: [Bug 215633] New: GENEVE:cannot support bind
 listening address



Begin forwarded message:

Date: Tue, 22 Feb 2022 12:39:10 +0000
From: bugzilla-daemon@...nel.org
To: stephen@...workplumber.org
Subject: [Bug 215633] New: GENEVE:cannot support bind listening address


https://bugzilla.kernel.org/show_bug.cgi?id=215633

            Bug ID: 215633
           Summary: GENEVE:cannot support bind listening address
           Product: Networking
           Version: 2.5
    Kernel Version: 4.19.90
          Hardware: All
                OS: Linux
              Tree: Mainline
            Status: NEW
          Severity: normal
          Priority: P1
         Component: IPV4
          Assignee: stephen@...workplumber.org
          Reporter: rmsh1216@....com
        Regression: No

When creating a geneve interface and turning it up, I found that the specified
port is listening on the 0.0.0.0 address.

[root@...alhost ~]# ip link add geneve1 type geneve id 2 dstport 6081 remote 10.10.10.2
[root@...alhost ~]# netstat -apntu|grep 6081
udp        0      0 0.0.0.0:6081            0.0.0.0:*                           -

Having read the code, the geneve driver initializes the IP address to 0 by
default. It does not support setting the listening address.

static struct socket *geneve_create_sock(struct net *net, bool ipv6,
                                         __be16 port, bool ipv6_rx_csum)
{
        struct socket *sock;
        struct udp_port_cfg udp_conf;
        int err;

        memset(&udp_conf, 0, sizeof(udp_conf));

        if (ipv6) {
                udp_conf.family = AF_INET6;
                udp_conf.ipv6_v6only = 1;
                udp_conf.use_udp6_rx_checksums = ipv6_rx_csum;
        } else {
                udp_conf.family = AF_INET;
                udp_conf.local_ip.s_addr = htonl(INADDR_ANY);
        }

        udp_conf.local_udp_port = port;

        /* Open UDP socket */
        err = udp_sock_create(net, &udp_conf, &sock);
        if (err < 0)
                return ERR_PTR(err);

        return sock;
}

It is necessary to support a configurable listening address, for the reason
that listening on the 0.0.0.0 address is not safe.

-- 
You may reply to this email to add a comment.

You are receiving this mail because:
You are the assignee for the bug.
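
An audit check for the condition reported above, added here as an example (it is not part of the original message or of the kernel tree): it parses /proc/net/udp-format text and reports which tunnel ports have a socket bound to the wildcard address. The sample table is constructed, and the function names and the second port (4789) are assumptions chosen for illustration.

```python
import socket
import struct

GENEVE_PORT = 6081  # dstport used in the report above

# Constructed sample in /proc/net/udp format (not captured from a real host).
# Row 101: 0.0.0.0:6081 (0x17C1), the state shown in the report.
# Row 102: 10.10.10.1:4789 (0x12B5), bound to one address, for contrast.
SAMPLE = """\
  sl  local_address rem_address   st tx_queue rx_queue tr tm->when retrnsmt   uid  timeout inode ref pointer drops
  101: 00000000:17C1 00000000:0000 07 00000000:00000000 00:00000000 00000000     0        0 23456 2 0000000000000000 0
  102: 010A0A0A:12B5 00000000:0000 07 00000000:00000000 00:00000000 00000000     0        0 23457 2 0000000000000000 0
"""


def parse_udp_table(text):
    """Yield (local_addr_hex, port) for each row of /proc/net/udp[6] text."""
    for line in text.splitlines()[1:]:          # first line is the column header
        fields = line.split()
        if len(fields) < 2 or ":" not in fields[1]:
            continue
        addr_hex, port_hex = fields[1].rsplit(":", 1)
        yield addr_hex, int(port_hex, 16)


def is_wildcard(addr_hex):
    # INADDR_ANY and in6addr_any are all zero, so byte order is irrelevant.
    return int(addr_hex, 16) == 0


def decode_ipv4(addr_hex):
    # The kernel prints the __be32 as a host-order integer; pack it natively.
    return socket.inet_ntoa(struct.pack("=I", int(addr_hex, 16)))


def wildcard_listeners(text, ports):
    """Return the sorted ports from `ports` bound to the wildcard address."""
    return sorted({p for a, p in parse_udp_table(text)
                   if p in ports and is_wildcard(a)})


def audit(paths=("/proc/net/udp", "/proc/net/udp6"), ports=(GENEVE_PORT,)):
    """Check the live tables; None means the table could not be read."""
    findings = {}
    for path in paths:
        try:
            with open(path) as fh:
                findings[path] = wildcard_listeners(fh.read(), set(ports))
        except OSError:
            findings[path] = None
    return findings


if __name__ == "__main__":
    print(wildcard_listeners(SAMPLE, {GENEVE_PORT, 4789}))
```

A port in the result accepts datagrams on every local address, so any restriction to the tunnel underlay has to come from packet filtering rather than from the socket bind.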
