All of lore.kernel.org
 help / color / mirror / Atom feed
* [PATCH v2] sctp: full support for ipv6 ip_nonlocal_bind & IP_FREEBIND
@ 2017-10-23 17:19 ` Laszlo Toth
  0 siblings, 0 replies; 6+ messages in thread
From: Laszlo Toth @ 2017-10-23 17:19 UTC (permalink / raw)
  To: Vlad Yasevich, Neil Horman, linux-sctp
  Cc: network dev, David S. Miller, Xin Long

Commit 9b9742022888 ("sctp: support ipv6 nonlocal bind")
introduced support for the above options as v4 sctp did,
so patched sctp_v6_available().

In the v4 implementation it's enough, because
sctp_inet_bind_verify() just returns with sctp_v4_available().
However sctp_inet6_bind_verify() has an extra check before that
for link-local scope_id, which won't respect the above options.

Added the checks before calling ipv6_chk_addr(), but
not before the validation of scope_id.

before (w/ both options):
 ./v6test fe80::10 sctp
 bind failed, errno: 99 (Cannot assign requested address)
 ./v6test fe80::10 tcp
 bind success, errno: 0 (Success)

after (w/ both options):
 ./v6test fe80::10 sctp
 bind success, errno: 0 (Success)

Signed-off-by: Laszlo Toth <laszlth@gmail.com>
---
changed in v2:
 - fixed indentation

 net/sctp/ipv6.c | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/net/sctp/ipv6.c b/net/sctp/ipv6.c
index 51c4887..7fe9e1d1 100644
--- a/net/sctp/ipv6.c
+++ b/net/sctp/ipv6.c
@@ -882,8 +882,10 @@ static int sctp_inet6_bind_verify(struct sctp_sock *opt, union sctp_addr *addr)
 			net = sock_net(&opt->inet.sk);
 			rcu_read_lock();
 			dev = dev_get_by_index_rcu(net, addr->v6.sin6_scope_id);
-			if (!dev ||
-			    !ipv6_chk_addr(net, &addr->v6.sin6_addr, dev, 0)) {
+			if (!dev || !(opt->inet.freebind ||
+				      net->ipv6.sysctl.ip_nonlocal_bind ||
+				      ipv6_chk_addr(net, &addr->v6.sin6_addr,
+						    dev, 0))) {
 				rcu_read_unlock();
 				return 0;
 			}
-- 
2.7.4

^ permalink raw reply related	[flat|nested] 6+ messages in thread
* [PATCH v2] sctp: full support for ipv6 ip_nonlocal_bind & IP_FREEBIND
@ 2017-10-23 17:19 ` Laszlo Toth
  0 siblings, 0 replies; 6+ messages in thread
From: Laszlo Toth @ 2017-10-23 17:19 UTC (permalink / raw)
  To: Vlad Yasevich, Neil Horman, linux-sctp
  Cc: network dev, David S. Miller, Xin Long

Commit 9b9742022888 ("sctp: support ipv6 nonlocal bind")
introduced support for the above options as v4 sctp did,
so patched sctp_v6_available().

In the v4 implementation it's enough, because
sctp_inet_bind_verify() just returns with sctp_v4_available().
However sctp_inet6_bind_verify() has an extra check before that
for link-local scope_id, which won't respect the above options.

Added the checks before calling ipv6_chk_addr(), but
not before the validation of scope_id.

before (w/ both options):
 ./v6test fe80::10 sctp
 bind failed, errno: 99 (Cannot assign requested address)
 ./v6test fe80::10 tcp
 bind success, errno: 0 (Success)

after (w/ both options):
 ./v6test fe80::10 sctp
 bind success, errno: 0 (Success)

Signed-off-by: Laszlo Toth <laszlth@gmail.com>
---
changed in v2:
 - fixed indentation

 net/sctp/ipv6.c | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/net/sctp/ipv6.c b/net/sctp/ipv6.c
index 51c4887..7fe9e1d1 100644
--- a/net/sctp/ipv6.c
+++ b/net/sctp/ipv6.c
@@ -882,8 +882,10 @@ static int sctp_inet6_bind_verify(struct sctp_sock *opt, union sctp_addr *addr)
 			net = sock_net(&opt->inet.sk);
 			rcu_read_lock();
 			dev = dev_get_by_index_rcu(net, addr->v6.sin6_scope_id);
-			if (!dev ||
-			    !ipv6_chk_addr(net, &addr->v6.sin6_addr, dev, 0)) {
+			if (!dev || !(opt->inet.freebind ||
+				      net->ipv6.sysctl.ip_nonlocal_bind ||
+				      ipv6_chk_addr(net, &addr->v6.sin6_addr,
+						    dev, 0))) {
 				rcu_read_unlock();
 				return 0;
 			}
-- 
2.7.4


^ permalink raw reply related	[flat|nested] 6+ messages in thread
* Re: [PATCH v2] sctp: full support for ipv6 ip_nonlocal_bind & IP_FREEBIND
  2017-10-23 17:19 ` Laszlo Toth
@ 2017-10-24  6:18   ` Xin Long
  -1 siblings, 0 replies; 6+ messages in thread
From: Xin Long @ 2017-10-24  6:18 UTC (permalink / raw)
  To: Laszlo Toth
  Cc: Vlad Yasevich, Neil Horman, linux-sctp, network dev, David S. Miller

On Tue, Oct 24, 2017 at 1:19 AM, Laszlo Toth <laszlth@gmail.com> wrote:
> Commit 9b9742022888 ("sctp: support ipv6 nonlocal bind")
> introduced support for the above options as v4 sctp did,
> so patched sctp_v6_available().
>
> In the v4 implementation it's enough, because
> sctp_inet_bind_verify() just returns with sctp_v4_available().
> However sctp_inet6_bind_verify() has an extra check before that
> for link-local scope_id, which won't respect the above options.
>
> Added the checks before calling ipv6_chk_addr(), but
> not before the validation of scope_id.
>
> before (w/ both options):
>  ./v6test fe80::10 sctp
>  bind failed, errno: 99 (Cannot assign requested address)
>  ./v6test fe80::10 tcp
>  bind success, errno: 0 (Success)
>
> after (w/ both options):
>  ./v6test fe80::10 sctp
>  bind success, errno: 0 (Success)
>
> Signed-off-by: Laszlo Toth <laszlth@gmail.com>
> ---
> changed in v2:
>  - fixed indentation
>
>  net/sctp/ipv6.c | 6 ++++--
>  1 file changed, 4 insertions(+), 2 deletions(-)
>
> diff --git a/net/sctp/ipv6.c b/net/sctp/ipv6.c
> index 51c4887..7fe9e1d1 100644
> --- a/net/sctp/ipv6.c
> +++ b/net/sctp/ipv6.c
> @@ -882,8 +882,10 @@ static int sctp_inet6_bind_verify(struct sctp_sock *opt, union sctp_addr *addr)
>                         net = sock_net(&opt->inet.sk);
>                         rcu_read_lock();
>                         dev = dev_get_by_index_rcu(net, addr->v6.sin6_scope_id);
> -                       if (!dev ||
> -                           !ipv6_chk_addr(net, &addr->v6.sin6_addr, dev, 0)) {
> +                       if (!dev || !(opt->inet.freebind ||
> +                                     net->ipv6.sysctl.ip_nonlocal_bind ||
> +                                     ipv6_chk_addr(net, &addr->v6.sin6_addr,
> +                                                   dev, 0))) {
>                                 rcu_read_unlock();
>                                 return 0;
>                         }
> --
> 2.7.4
>
Reviewed-by: Xin Long <lucien.xin@gmail.com>

Thanks.

^ permalink raw reply	[flat|nested] 6+ messages in thread
* Re: [PATCH v2] sctp: full support for ipv6 ip_nonlocal_bind & IP_FREEBIND
@ 2017-10-24  6:18   ` Xin Long
  0 siblings, 0 replies; 6+ messages in thread
From: Xin Long @ 2017-10-24  6:18 UTC (permalink / raw)
  To: Laszlo Toth
  Cc: Vlad Yasevich, Neil Horman, linux-sctp, network dev, David S. Miller

On Tue, Oct 24, 2017 at 1:19 AM, Laszlo Toth <laszlth@gmail.com> wrote:
> Commit 9b9742022888 ("sctp: support ipv6 nonlocal bind")
> introduced support for the above options as v4 sctp did,
> so patched sctp_v6_available().
>
> In the v4 implementation it's enough, because
> sctp_inet_bind_verify() just returns with sctp_v4_available().
> However sctp_inet6_bind_verify() has an extra check before that
> for link-local scope_id, which won't respect the above options.
>
> Added the checks before calling ipv6_chk_addr(), but
> not before the validation of scope_id.
>
> before (w/ both options):
>  ./v6test fe80::10 sctp
>  bind failed, errno: 99 (Cannot assign requested address)
>  ./v6test fe80::10 tcp
>  bind success, errno: 0 (Success)
>
> after (w/ both options):
>  ./v6test fe80::10 sctp
>  bind success, errno: 0 (Success)
>
> Signed-off-by: Laszlo Toth <laszlth@gmail.com>
> ---
> changed in v2:
>  - fixed indentation
>
>  net/sctp/ipv6.c | 6 ++++--
>  1 file changed, 4 insertions(+), 2 deletions(-)
>
> diff --git a/net/sctp/ipv6.c b/net/sctp/ipv6.c
> index 51c4887..7fe9e1d1 100644
> --- a/net/sctp/ipv6.c
> +++ b/net/sctp/ipv6.c
> @@ -882,8 +882,10 @@ static int sctp_inet6_bind_verify(struct sctp_sock *opt, union sctp_addr *addr)
>                         net = sock_net(&opt->inet.sk);
>                         rcu_read_lock();
>                         dev = dev_get_by_index_rcu(net, addr->v6.sin6_scope_id);
> -                       if (!dev ||
> -                           !ipv6_chk_addr(net, &addr->v6.sin6_addr, dev, 0)) {
> +                       if (!dev || !(opt->inet.freebind ||
> +                                     net->ipv6.sysctl.ip_nonlocal_bind ||
> +                                     ipv6_chk_addr(net, &addr->v6.sin6_addr,
> +                                                   dev, 0))) {
>                                 rcu_read_unlock();
>                                 return 0;
>                         }
> --
> 2.7.4
>
Reviewed-by: Xin Long <lucien.xin@gmail.com>

Thanks.

^ permalink raw reply	[flat|nested] 6+ messages in thread
* Re: [PATCH v2] sctp: full support for ipv6 ip_nonlocal_bind & IP_FREEBIND
  2017-10-23 17:19 ` Laszlo Toth
@ 2017-10-24  9:40   ` David Miller
  -1 siblings, 0 replies; 6+ messages in thread
From: David Miller @ 2017-10-24  9:40 UTC (permalink / raw)
  To: laszlth; +Cc: vyasevich, nhorman, linux-sctp, netdev, lucien.xin

From: Laszlo Toth <laszlth@gmail.com>
Date: Mon, 23 Oct 2017 19:19:33 +0200

> Commit 9b9742022888 ("sctp: support ipv6 nonlocal bind")
> introduced support for the above options as v4 sctp did,
> so patched sctp_v6_available().
> 
> In the v4 implementation it's enough, because
> sctp_inet_bind_verify() just returns with sctp_v4_available().
> However sctp_inet6_bind_verify() has an extra check before that
> for link-local scope_id, which won't respect the above options.
> 
> Added the checks before calling ipv6_chk_addr(), but
> not before the validation of scope_id.
> 
> before (w/ both options):
>  ./v6test fe80::10 sctp
>  bind failed, errno: 99 (Cannot assign requested address)
>  ./v6test fe80::10 tcp
>  bind success, errno: 0 (Success)
> 
> after (w/ both options):
>  ./v6test fe80::10 sctp
>  bind success, errno: 0 (Success)
> 
> Signed-off-by: Laszlo Toth <laszlth@gmail.com>

Applied.

^ permalink raw reply	[flat|nested] 6+ messages in thread
* Re: [PATCH v2] sctp: full support for ipv6 ip_nonlocal_bind & IP_FREEBIND
@ 2017-10-24  9:40   ` David Miller
  0 siblings, 0 replies; 6+ messages in thread
From: David Miller @ 2017-10-24  9:40 UTC (permalink / raw)
  To: laszlth; +Cc: vyasevich, nhorman, linux-sctp, netdev, lucien.xin

From: Laszlo Toth <laszlth@gmail.com>
Date: Mon, 23 Oct 2017 19:19:33 +0200

> Commit 9b9742022888 ("sctp: support ipv6 nonlocal bind")
> introduced support for the above options as v4 sctp did,
> so patched sctp_v6_available().
> 
> In the v4 implementation it's enough, because
> sctp_inet_bind_verify() just returns with sctp_v4_available().
> However sctp_inet6_bind_verify() has an extra check before that
> for link-local scope_id, which won't respect the above options.
> 
> Added the checks before calling ipv6_chk_addr(), but
> not before the validation of scope_id.
> 
> before (w/ both options):
>  ./v6test fe80::10 sctp
>  bind failed, errno: 99 (Cannot assign requested address)
>  ./v6test fe80::10 tcp
>  bind success, errno: 0 (Success)
> 
> after (w/ both options):
>  ./v6test fe80::10 sctp
>  bind success, errno: 0 (Success)
> 
> Signed-off-by: Laszlo Toth <laszlth@gmail.com>

Applied.

^ permalink raw reply	[flat|nested] 6+ messages in thread
end of thread, other threads:[~2017-10-24  9:40 UTC | newest]

Thread overview: 6+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2017-10-23 17:19 [PATCH v2] sctp: full support for ipv6 ip_nonlocal_bind & IP_FREEBIND Laszlo Toth
2017-10-23 17:19 ` Laszlo Toth
2017-10-24  6:18 ` Xin Long
2017-10-24  6:18   ` Xin Long
2017-10-24  9:40 ` David Miller
2017-10-24  9:40   ` David Miller

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.