* [MPTCP] [PATCH v5 3/5] mptcp: v1 ADD_ADDR changes: add_addr_hmac_valid
@ 2020-03-16 18:39 Peter Krystad
0 siblings, 0 replies; only message in thread
From: Peter Krystad @ 2020-03-16 18:39 UTC (permalink / raw)
To: mptcp
[-- Attachment #1: Type: text/plain, Size: 1956 bytes --]
Validate incoming ADD_ADDR options
squash-to: Add path manager interface
Signed-off-by: Peter Krystad <peter.krystad(a)linux.intel.com>
---
net/mptcp/options.c | 29 +++++++++++++++++++++++++++--
1 file changed, 27 insertions(+), 2 deletions(-)
diff --git a/net/mptcp/options.c b/net/mptcp/options.c
index 80cf2f01eecc..42e2c75b4a7a 100644
--- a/net/mptcp/options.c
+++ b/net/mptcp/options.c
@@ -597,6 +597,30 @@ static bool check_fully_established(struct mptcp_subflow_context *subflow,
return true;
}
+static bool add_addr_hmac_valid(struct mptcp_subflow_context *subflow,
+ struct mptcp_options_received *mp_opt)
+{
+ u64 hmac;
+
+ if (mp_opt->echo)
+ return true;
+
+ if (mp_opt->family == MPTCP_ADDR_IPVERSION_4)
+ hmac = add_addr_generate_hmac(subflow->remote_key,
+ subflow->local_key,
+ mp_opt->addr_id, &mp_opt->addr);
+ else
+ hmac = add_addr6_generate_hmac(subflow->remote_key,
+ subflow->local_key,
+ mp_opt->addr_id, &mp_opt->addr6);
+
+ pr_debug("subflow=%p, ahmac=%llu, mp_opt->ahmac=%llu\n",
+ subflow, (unsigned long long)hmac,
+ (unsigned long long)mp_opt->ahmac);
+
+ return hmac == mp_opt->ahmac;
+}
+
void mptcp_incoming_options(struct sock *sk, struct sk_buff *skb,
struct tcp_options_received *opt_rx)
{
@@ -609,7 +633,7 @@ void mptcp_incoming_options(struct sock *sk, struct sk_buff *skb,
if (!check_fully_established(subflow, skb, mp_opt))
return;
- if (msk && mp_opt->add_addr) {
+ if (msk && mp_opt->add_addr && add_addr_hmac_valid(subflow, mp_opt)) {
struct mptcp_addr_info addr;
addr.port = 0;
@@ -624,7 +648,8 @@ void mptcp_incoming_options(struct sock *sk, struct sk_buff *skb,
addr.addr6 = mp_opt->addr6;
}
#endif
- mptcp_pm_add_addr_received(msk, &addr);
+ if (!mp_opt->echo)
+ mptcp_pm_add_addr_received(msk, &addr);
mp_opt->add_addr = 0;
}
--
2.17.2
^ permalink raw reply related [flat|nested] only message in thread
only message in thread, other threads:[~2020-03-16 18:39 UTC | newest]
Thread overview: (only message) (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2020-03-16 18:39 [MPTCP] [PATCH v5 3/5] mptcp: v1 ADD_ADDR changes: add_addr_hmac_valid Peter Krystad
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.