From patchwork Mon Nov 29 10:55:46 2010 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Albert Pretorius X-Patchwork-Id: 73412 X-Patchwork-Delegate: davem@davemloft.net Return-Path: X-Original-To: patchwork-incoming@ozlabs.org Delivered-To: patchwork-incoming@ozlabs.org Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by ozlabs.org (Postfix) with ESMTP id 47B041007D4 for ; Mon, 29 Nov 2010 21:55:55 +1100 (EST) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1752539Ab0K2Kzs (ORCPT ); Mon, 29 Nov 2010 05:55:48 -0500 Received: from nm11-vm0.bullet.mail.ird.yahoo.com ([77.238.189.218]:38314 "HELO nm11-vm0.bullet.mail.ird.yahoo.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with SMTP id S1751872Ab0K2Kzr convert rfc822-to-8bit (ORCPT ); Mon, 29 Nov 2010 05:55:47 -0500 Received: from [77.238.189.50] by nm11.bullet.mail.ird.yahoo.com with NNFMP; 29 Nov 2010 10:55:46 -0000 Received: from [212.82.108.249] by tm3.bullet.mail.ird.yahoo.com with NNFMP; 29 Nov 2010 10:55:46 -0000 Received: from [127.0.0.1] by omp1014.mail.ird.yahoo.com with NNFMP; 29 Nov 2010 10:55:46 -0000 X-Yahoo-Newman-Property: ymail-3 X-Yahoo-Newman-Id: 456883.55725.bm@omp1014.mail.ird.yahoo.com Received: (qmail 89185 invoked by uid 60001); 29 Nov 2010 10:55:46 -0000 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.co.uk; s=s1024; t=1291028146; bh=zFW9t6TEZGAF4sLy53JupkemhFj3JhU420eFFO4ya94=; h=Message-ID:X-YMail-OSG:Received:X-Mailer:Date:From:Subject:To:MIME-Version:Content-Type:Content-Transfer-Encoding; b=QNSkqxkveIuASbKoHLVaJ1ZkRcE26E+l0jEUD5CJIJ0CZLM4+fRiShCxRzWicAPVBuWKAEgWxHgjSAo5sCqmCkO5TsOc1qmn/oYk0hOe3c5mmiZ41f+Py7C4MraiwaZ2EUqpcMK/uS/s3HOGg91CdyaiQMVaZoRDQ3Y3X4tA5U4= DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=s1024; d=yahoo.co.uk; h=Message-ID:X-YMail-OSG:Received:X-Mailer:Date:From:Subject:To:MIME-Version:Content-Type:Content-Transfer-Encoding; b=iHf5qV0SjZa9Qs0kpHr43bOqgDiMuL/WuKqr7ncWCpSzynRUUE3ExwUT+Ku0gnt8335Qk7VTGyOCQSrpe3HhYb6KPocZow68/0levSkAv2qWQq64n1FNmSPNB5Wiu1xMClYvvPP1mHcf6xRe6EGrTP4R2a0zzML3PWtwqZ507+g=; Message-ID: <328335.88387.qm@web29006.mail.ird.yahoo.com> X-YMail-OSG: MKLJITAVM1l3agMibU65iMNMqrm5SzJfYuUQ4m77rX7kGEQ nbN7R7I0BAaCuuRtkbPOaGhIQ6_s8dkgpIMWeTXhA2ZTYqYSR5YJBmMUcYFl 29hBMtCKwSXh3xOtA669NIoXi94HXkOy3E1zodK7Ymf7p7yB3VRsHCbWM07L uU8nBVoBOjVuezTu3R25I61sQ2EwEm1f.ZNJLRg__ktvAJ25pdtQngRWY8Pm DcOu0FXq6NuOBMRLO_xCbwqks7JKjBH3O_HO.M8lVfzcB4QmE5amjjErmDuj mPOo8l59HYWxmnsglXKYZZO3iaNqrXKP3Nk.L2QmR.OsZn3Y_Qbi73dUIY3k bXV1UDiv4W_9_ap0R7Cv8z2ozT3M8w3A0Zzma Received: from [91.212.94.4] by web29006.mail.ird.yahoo.com via HTTP; Mon, 29 Nov 2010 10:55:46 GMT X-Mailer: YahooMailClassic/11.4.9 YahooMailWebService/0.8.107.285259 Date: Mon, 29 Nov 2010 10:55:46 +0000 (GMT) From: Albert Pretorius Subject: IPV6 loopback bound socket succeeds connecting to remote host To: netdev@vger.kernel.org MIME-Version: 1.0 Sender: netdev-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: netdev@vger.kernel.org Hi I found a problem with ipv6 when a UDP socket is bound to loopback (::1) and connecting to a remote address. The same applies to TCP. Any data sent ends up on the remote host with a source address of loopback. The expected result of the connect should be EINVAL just like it is for ipv4. Here is a possible patch that fixes this problem below. I tested it on 2.6.37-rc3 using a tool I put on http://www.gitorious.org/bindconnect ----8<---- ---->8---- The bindconnect tool is build with just make and run like: ./obj/bindconnect -l ::1 9999 -r nnnn::nnn:nnnn:nnnn:nnnn%eth0 4444 -u ERROR: Error occurred during connect() : Invalid argument without the patch a UDP datagram is sent and TCP sends a SYN. Please CC me personally as I am not subscribed to the mailing list. thanks, Albert Pretorius --- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html diff --git a/net/ipv6/ip6_output.c b/net/ipv6/ip6_output.c index 99157b4..a0de66c 100644 --- a/net/ipv6/ip6_output.c +++ b/net/ipv6/ip6_output.c @@ -927,6 +927,7 @@ static int ip6_dst_lookup_tail(struct sock *sk, { int err; struct net *net = sock_net(sk); + struct net_device *dev_out; if (*dst == NULL) *dst = ip6_route_output(net, sk, fl); @@ -934,6 +935,32 @@ static int ip6_dst_lookup_tail(struct sock *sk, if ((err = (*dst)->error)) goto out_err_release; + dev_out = ip6_dst_idev(*dst)->dev; + if (dev_out && ipv6_addr_loopback(&fl->fl6_src) && + !(dev_out->flags & IFF_LOOPBACK)) { + /* + * If socket is bound to loopback address but interface + * is not then it is invalid... + */ + struct inet6_ifaddr *ifa; + struct inet6_dev *idev = in6_dev_get(dev_out); + err = -EINVAL; + if (idev) { + list_for_each_entry(ifa, &idev->addr_list, if_list) + { + /* + * ... unless the interface has the same address + */ + if (ipv6_addr_equal(&ifa->addr, &fl->fl6_dst)) + err = 0; + } + in6_dev_put(idev); + } + + if (err) + goto out_err_release; + } + if (ipv6_addr_any(&fl->fl6_src)) { err = ipv6_dev_get_saddr(net, ip6_dst_idev(*dst)->dev, &fl->fl6_dst,