lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Message-ID: <ba4d41bc-ec24-f4b4-e4d5-f9db51fed071@kernel.org> Date: Thu, 24 Nov 2022 20:00:24 -0800 From: David Ahern <dsahern@...nel.org> To: Richard Gobert <richardbgobert@...il.com>, davem@...emloft.net, yoshfuji@...ux-ipv6.org, edumazet@...gle.com, kuba@...nel.org, pabeni@...hat.com, netdev@...r.kernel.org, linux-kernel@...r.kernel.org Subject: Re: [PATCH] net: setsockopt: fix IPV6_UNICAST_IF option for connected sockets On 11/24/22 4:48 AM, Richard Gobert wrote: > Change the behaviour of ip6_datagram_connect to consider the interface > set by the IPV6_UNICAST_IF socket option, similarly to udpv6_sendmsg. > > This change is the IPv6 counterpart of the fix for IP_UNICAST_IF. > The tests introduced by that patch showed that the incorrect > behavior is present in IPv6 as well. > This patch fixes the broken test. > > Reported-by: kernel test robot <oliver.sang@...el.com> > Link: https://lore.kernel.org/r/202210062117.c7eef1a3-oliver.sang@intel.com > Fixes tag here. > Signed-off-by: Richard Gobert <richardbgobert@...il.com> > --- > net/ipv6/datagram.c | 16 +++++++++++----- > 1 file changed, 11 insertions(+), 5 deletions(-) > > diff --git a/net/ipv6/datagram.c b/net/ipv6/datagram.c > index 7c7155b48f17..c3999f9e3545 100644 > --- a/net/ipv6/datagram.c > +++ b/net/ipv6/datagram.c > @@ -42,24 +42,30 @@ static void ip6_datagram_flow_key_init(struct flowi6 *fl6, struct sock *sk) > { > struct inet_sock *inet = inet_sk(sk); > struct ipv6_pinfo *np = inet6_sk(sk); > + int oif; int oif = sk->sk_bound_dev_if; > > memset(fl6, 0, sizeof(*fl6)); > fl6->flowi6_proto = sk->sk_protocol; > fl6->daddr = sk->sk_v6_daddr; > fl6->saddr = np->saddr; > - fl6->flowi6_oif = sk->sk_bound_dev_if; > + oif = sk->sk_bound_dev_if; and then drop this line in the middle of all of the fl6 setup. > fl6->flowi6_mark = sk->sk_mark; > fl6->fl6_dport = inet->inet_dport; > fl6->fl6_sport = inet->inet_sport; > fl6->flowlabel = np->flow_label; > fl6->flowi6_uid = sk->sk_uid; > > - if (!fl6->flowi6_oif) > - fl6->flowi6_oif = np->sticky_pktinfo.ipi6_ifindex; > + if (!oif) > + oif = np->sticky_pktinfo.ipi6_ifindex; > > - if (!fl6->flowi6_oif && ipv6_addr_is_multicast(&fl6->daddr)) > - fl6->flowi6_oif = np->mcast_oif; > + if (!oif) { > + if (ipv6_addr_is_multicast(&fl6->daddr)) > + oif = np->mcast_oif; > + else > + oif = np->ucast_oif; > + } > > + fl6->flowi6_oif = oif; > security_sk_classify_flow(sk, flowi6_to_flowi_common(fl6)); > } > thanks for the fix. Besides the nit, Reviewed-by: David Ahern <dsahern@...nel.org>
Powered by blists - more mailing lists