* [PATCH v2] sctp: full support for ipv6 ip_nonlocal_bind & IP_FREEBIND
@ 2017-10-23 17:19 ` Laszlo Toth
0 siblings, 0 replies; 6+ messages in thread
From: Laszlo Toth @ 2017-10-23 17:19 UTC (permalink / raw)
To: Vlad Yasevich, Neil Horman, linux-sctp
Cc: network dev, David S. Miller, Xin Long
Commit 9b9742022888 ("sctp: support ipv6 nonlocal bind")
introduced support for the above options as v4 sctp did,
so patched sctp_v6_available().
In the v4 implementation it's enough, because
sctp_inet_bind_verify() just returns with sctp_v4_available().
However sctp_inet6_bind_verify() has an extra check before that
for link-local scope_id, which won't respect the above options.
Added the checks before calling ipv6_chk_addr(), but
not before the validation of scope_id.
before (w/ both options):
./v6test fe80::10 sctp
bind failed, errno: 99 (Cannot assign requested address)
./v6test fe80::10 tcp
bind success, errno: 0 (Success)
after (w/ both options):
./v6test fe80::10 sctp
bind success, errno: 0 (Success)
Signed-off-by: Laszlo Toth <laszlth@gmail.com>
---
changed in v2:
- fixed indentation
net/sctp/ipv6.c | 6 ++++--
1 file changed, 4 insertions(+), 2 deletions(-)
diff --git a/net/sctp/ipv6.c b/net/sctp/ipv6.c
index 51c4887..7fe9e1d1 100644
--- a/net/sctp/ipv6.c
+++ b/net/sctp/ipv6.c
@@ -882,8 +882,10 @@ static int sctp_inet6_bind_verify(struct sctp_sock *opt, union sctp_addr *addr)
net = sock_net(&opt->inet.sk);
rcu_read_lock();
dev = dev_get_by_index_rcu(net, addr->v6.sin6_scope_id);
- if (!dev ||
- !ipv6_chk_addr(net, &addr->v6.sin6_addr, dev, 0)) {
+ if (!dev || !(opt->inet.freebind ||
+ net->ipv6.sysctl.ip_nonlocal_bind ||
+ ipv6_chk_addr(net, &addr->v6.sin6_addr,
+ dev, 0))) {
rcu_read_unlock();
return 0;
}
--
2.7.4
^ permalink raw reply related [flat|nested] 6+ messages in thread
* [PATCH v2] sctp: full support for ipv6 ip_nonlocal_bind & IP_FREEBIND
@ 2017-10-23 17:19 ` Laszlo Toth
0 siblings, 0 replies; 6+ messages in thread
From: Laszlo Toth @ 2017-10-23 17:19 UTC (permalink / raw)
To: Vlad Yasevich, Neil Horman, linux-sctp
Cc: network dev, David S. Miller, Xin Long
Commit 9b9742022888 ("sctp: support ipv6 nonlocal bind")
introduced support for the above options as v4 sctp did,
so patched sctp_v6_available().
In the v4 implementation it's enough, because
sctp_inet_bind_verify() just returns with sctp_v4_available().
However sctp_inet6_bind_verify() has an extra check before that
for link-local scope_id, which won't respect the above options.
Added the checks before calling ipv6_chk_addr(), but
not before the validation of scope_id.
before (w/ both options):
./v6test fe80::10 sctp
bind failed, errno: 99 (Cannot assign requested address)
./v6test fe80::10 tcp
bind success, errno: 0 (Success)
after (w/ both options):
./v6test fe80::10 sctp
bind success, errno: 0 (Success)
Signed-off-by: Laszlo Toth <laszlth@gmail.com>
---
changed in v2:
- fixed indentation
net/sctp/ipv6.c | 6 ++++--
1 file changed, 4 insertions(+), 2 deletions(-)
diff --git a/net/sctp/ipv6.c b/net/sctp/ipv6.c
index 51c4887..7fe9e1d1 100644
--- a/net/sctp/ipv6.c
+++ b/net/sctp/ipv6.c
@@ -882,8 +882,10 @@ static int sctp_inet6_bind_verify(struct sctp_sock *opt, union sctp_addr *addr)
net = sock_net(&opt->inet.sk);
rcu_read_lock();
dev = dev_get_by_index_rcu(net, addr->v6.sin6_scope_id);
- if (!dev ||
- !ipv6_chk_addr(net, &addr->v6.sin6_addr, dev, 0)) {
+ if (!dev || !(opt->inet.freebind ||
+ net->ipv6.sysctl.ip_nonlocal_bind ||
+ ipv6_chk_addr(net, &addr->v6.sin6_addr,
+ dev, 0))) {
rcu_read_unlock();
return 0;
}
--
2.7.4
^ permalink raw reply related [flat|nested] 6+ messages in thread
* Re: [PATCH v2] sctp: full support for ipv6 ip_nonlocal_bind & IP_FREEBIND
2017-10-23 17:19 ` Laszlo Toth
@ 2017-10-24 6:18 ` Xin Long
-1 siblings, 0 replies; 6+ messages in thread
From: Xin Long @ 2017-10-24 6:18 UTC (permalink / raw)
To: Laszlo Toth
Cc: Vlad Yasevich, Neil Horman, linux-sctp, network dev, David S. Miller
On Tue, Oct 24, 2017 at 1:19 AM, Laszlo Toth <laszlth@gmail.com> wrote:
> Commit 9b9742022888 ("sctp: support ipv6 nonlocal bind")
> introduced support for the above options as v4 sctp did,
> so patched sctp_v6_available().
>
> In the v4 implementation it's enough, because
> sctp_inet_bind_verify() just returns with sctp_v4_available().
> However sctp_inet6_bind_verify() has an extra check before that
> for link-local scope_id, which won't respect the above options.
>
> Added the checks before calling ipv6_chk_addr(), but
> not before the validation of scope_id.
>
> before (w/ both options):
> ./v6test fe80::10 sctp
> bind failed, errno: 99 (Cannot assign requested address)
> ./v6test fe80::10 tcp
> bind success, errno: 0 (Success)
>
> after (w/ both options):
> ./v6test fe80::10 sctp
> bind success, errno: 0 (Success)
>
> Signed-off-by: Laszlo Toth <laszlth@gmail.com>
> ---
> changed in v2:
> - fixed indentation
>
> net/sctp/ipv6.c | 6 ++++--
> 1 file changed, 4 insertions(+), 2 deletions(-)
>
> diff --git a/net/sctp/ipv6.c b/net/sctp/ipv6.c
> index 51c4887..7fe9e1d1 100644
> --- a/net/sctp/ipv6.c
> +++ b/net/sctp/ipv6.c
> @@ -882,8 +882,10 @@ static int sctp_inet6_bind_verify(struct sctp_sock *opt, union sctp_addr *addr)
> net = sock_net(&opt->inet.sk);
> rcu_read_lock();
> dev = dev_get_by_index_rcu(net, addr->v6.sin6_scope_id);
> - if (!dev ||
> - !ipv6_chk_addr(net, &addr->v6.sin6_addr, dev, 0)) {
> + if (!dev || !(opt->inet.freebind ||
> + net->ipv6.sysctl.ip_nonlocal_bind ||
> + ipv6_chk_addr(net, &addr->v6.sin6_addr,
> + dev, 0))) {
> rcu_read_unlock();
> return 0;
> }
> --
> 2.7.4
>
Reviewed-by: Xin Long <lucien.xin@gmail.com>
Thanks.
^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: [PATCH v2] sctp: full support for ipv6 ip_nonlocal_bind & IP_FREEBIND
@ 2017-10-24 6:18 ` Xin Long
0 siblings, 0 replies; 6+ messages in thread
From: Xin Long @ 2017-10-24 6:18 UTC (permalink / raw)
To: Laszlo Toth
Cc: Vlad Yasevich, Neil Horman, linux-sctp, network dev, David S. Miller
On Tue, Oct 24, 2017 at 1:19 AM, Laszlo Toth <laszlth@gmail.com> wrote:
> Commit 9b9742022888 ("sctp: support ipv6 nonlocal bind")
> introduced support for the above options as v4 sctp did,
> so patched sctp_v6_available().
>
> In the v4 implementation it's enough, because
> sctp_inet_bind_verify() just returns with sctp_v4_available().
> However sctp_inet6_bind_verify() has an extra check before that
> for link-local scope_id, which won't respect the above options.
>
> Added the checks before calling ipv6_chk_addr(), but
> not before the validation of scope_id.
>
> before (w/ both options):
> ./v6test fe80::10 sctp
> bind failed, errno: 99 (Cannot assign requested address)
> ./v6test fe80::10 tcp
> bind success, errno: 0 (Success)
>
> after (w/ both options):
> ./v6test fe80::10 sctp
> bind success, errno: 0 (Success)
>
> Signed-off-by: Laszlo Toth <laszlth@gmail.com>
> ---
> changed in v2:
> - fixed indentation
>
> net/sctp/ipv6.c | 6 ++++--
> 1 file changed, 4 insertions(+), 2 deletions(-)
>
> diff --git a/net/sctp/ipv6.c b/net/sctp/ipv6.c
> index 51c4887..7fe9e1d1 100644
> --- a/net/sctp/ipv6.c
> +++ b/net/sctp/ipv6.c
> @@ -882,8 +882,10 @@ static int sctp_inet6_bind_verify(struct sctp_sock *opt, union sctp_addr *addr)
> net = sock_net(&opt->inet.sk);
> rcu_read_lock();
> dev = dev_get_by_index_rcu(net, addr->v6.sin6_scope_id);
> - if (!dev ||
> - !ipv6_chk_addr(net, &addr->v6.sin6_addr, dev, 0)) {
> + if (!dev || !(opt->inet.freebind ||
> + net->ipv6.sysctl.ip_nonlocal_bind ||
> + ipv6_chk_addr(net, &addr->v6.sin6_addr,
> + dev, 0))) {
> rcu_read_unlock();
> return 0;
> }
> --
> 2.7.4
>
Reviewed-by: Xin Long <lucien.xin@gmail.com>
Thanks.
^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: [PATCH v2] sctp: full support for ipv6 ip_nonlocal_bind & IP_FREEBIND
2017-10-23 17:19 ` Laszlo Toth
@ 2017-10-24 9:40 ` David Miller
-1 siblings, 0 replies; 6+ messages in thread
From: David Miller @ 2017-10-24 9:40 UTC (permalink / raw)
To: laszlth; +Cc: vyasevich, nhorman, linux-sctp, netdev, lucien.xin
From: Laszlo Toth <laszlth@gmail.com>
Date: Mon, 23 Oct 2017 19:19:33 +0200
> Commit 9b9742022888 ("sctp: support ipv6 nonlocal bind")
> introduced support for the above options as v4 sctp did,
> so patched sctp_v6_available().
>
> In the v4 implementation it's enough, because
> sctp_inet_bind_verify() just returns with sctp_v4_available().
> However sctp_inet6_bind_verify() has an extra check before that
> for link-local scope_id, which won't respect the above options.
>
> Added the checks before calling ipv6_chk_addr(), but
> not before the validation of scope_id.
>
> before (w/ both options):
> ./v6test fe80::10 sctp
> bind failed, errno: 99 (Cannot assign requested address)
> ./v6test fe80::10 tcp
> bind success, errno: 0 (Success)
>
> after (w/ both options):
> ./v6test fe80::10 sctp
> bind success, errno: 0 (Success)
>
> Signed-off-by: Laszlo Toth <laszlth@gmail.com>
Applied.
^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: [PATCH v2] sctp: full support for ipv6 ip_nonlocal_bind & IP_FREEBIND
@ 2017-10-24 9:40 ` David Miller
0 siblings, 0 replies; 6+ messages in thread
From: David Miller @ 2017-10-24 9:40 UTC (permalink / raw)
To: laszlth; +Cc: vyasevich, nhorman, linux-sctp, netdev, lucien.xin
From: Laszlo Toth <laszlth@gmail.com>
Date: Mon, 23 Oct 2017 19:19:33 +0200
> Commit 9b9742022888 ("sctp: support ipv6 nonlocal bind")
> introduced support for the above options as v4 sctp did,
> so patched sctp_v6_available().
>
> In the v4 implementation it's enough, because
> sctp_inet_bind_verify() just returns with sctp_v4_available().
> However sctp_inet6_bind_verify() has an extra check before that
> for link-local scope_id, which won't respect the above options.
>
> Added the checks before calling ipv6_chk_addr(), but
> not before the validation of scope_id.
>
> before (w/ both options):
> ./v6test fe80::10 sctp
> bind failed, errno: 99 (Cannot assign requested address)
> ./v6test fe80::10 tcp
> bind success, errno: 0 (Success)
>
> after (w/ both options):
> ./v6test fe80::10 sctp
> bind success, errno: 0 (Success)
>
> Signed-off-by: Laszlo Toth <laszlth@gmail.com>
Applied.
^ permalink raw reply [flat|nested] 6+ messages in thread
end of thread, other threads:[~2017-10-24 9:40 UTC | newest]
Thread overview: 6+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2017-10-23 17:19 [PATCH v2] sctp: full support for ipv6 ip_nonlocal_bind & IP_FREEBIND Laszlo Toth
2017-10-23 17:19 ` Laszlo Toth
2017-10-24 6:18 ` Xin Long
2017-10-24 6:18 ` Xin Long
2017-10-24 9:40 ` David Miller
2017-10-24 9:40 ` David Miller
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.