lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <ZAm+ovPoEFfESOQI@nanopsycho>
Date:   Thu, 9 Mar 2023 12:10:26 +0100
From:   Jiri Pirko <jiri@...nulli.us>
To:     Jianguo Wu <wujianguo106@....com>
Cc:     netdev <netdev@...r.kernel.org>,
        "edumazet@...gle.com >> Eric Dumazet" <edumazet@...gle.com>,
        davem@...emloft.net, daniel@...earbox.net,
        Florian Westphal <fw@...len.de>
Subject: Re: [PATCH net-next] ipvlan: Make skb->skb_iif track skb->dev for
 l3s mode

Thu, Mar 09, 2023 at 03:03:36AM CET, wujianguo106@....com wrote:
>From: Jianguo Wu <wujianguo@...natelecom.cn>
>
>For l3s mode, skb->dev is set to ipvlan interface in ipvlan_nf_input():
>  skb->dev = addr->master->dev
>but, skb->skb_iif remain unchanged, this will cause socket lookup failed
>if a target socket is bound to a interface, like the following example:
>
>  ip link add ipvlan0 link eth0 type ipvlan mode l3s
>  ip addr add dev ipvlan0 192.168.124.111/24
>  ip link set ipvlan0 up
>
>  ping -c 1 -I ipvlan0 8.8.8.8
>  100% packet loss
>
>This is because there is no match sk in __raw_v4_lookup() as sk->sk_bound_dev_if != dif(skb->skb_iif).
>Fix this by make skb->skb_iif track skb->dev in ipvlan_nf_input().
>
>Fixes: c675e06a98a4 ("ipvlan: decouple l3s mode dependencies from other modes").
>
>Signed-off-by: Jianguo Wu <wujianguo@...natelecom.cn>
>---
> drivers/net/ipvlan/ipvlan_l3s.c | 1 +
> 1 file changed, 1 insertion(+)
>
>diff --git a/drivers/net/ipvlan/ipvlan_l3s.c b/drivers/net/ipvlan/ipvlan_l3s.c
>index 943d26cbf39f..71712ea25403 100644
>--- a/drivers/net/ipvlan/ipvlan_l3s.c
>+++ b/drivers/net/ipvlan/ipvlan_l3s.c
>@@ -101,6 +101,7 @@ static unsigned int ipvlan_nf_input(void *priv, struct sk_buff *skb,
> 		goto out;
>
> 	skb->dev = addr->master->dev;
>+	skb->skb_iif = skb->dev->ifindex;

I think we should have a macro to replace skb->dev which would handle
this too. It's on multiple places.

Anyway, this patch looks fine to me.

Reviewed-by: Jiri Pirko <jiri@...dia.com>



> 	len = skb->len + ETH_HLEN;
> 	ipvlan_count_rx(addr->master, len, true, false);
> out:
>-- 
>1.8.3.1
>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ