From: Sergei Shtylyov <sergei.shtylyov@cogentembedded.com>
To: Shawn Bohrer <shawn.bohrer@gmail.com>, netdev@vger.kernel.org
Cc: "Yurij M. Plotnikov" <Yurij.Plotnikov@oktetlabs.ru>,
Alexandra.Kossovsky@oktetlabs.ru,
Eric Dumazet <eric.dumazet@gmail.com>,
Oliver Graff <oliver.e.graff@gmail.com>,
davem@davemloft.net, Shawn Bohrer <sbohrer@rgmadvisors.com>
Subject: Re: [PATCH] ipv4/udp: Verify multicast group is ours in upd_v4_early_demux()
Date: Mon, 01 Jun 2015 23:11:42 +0300 [thread overview]
Message-ID: <556CBC7E.2050005@cogentembedded.com> (raw)
In-Reply-To: <1433176465-22941-1-git-send-email-shawn.bohrer@gmail.com>
Hello.
On 06/01/2015 07:34 PM, Shawn Bohrer wrote:
> From: Shawn Bohrer <sbohrer@rgmadvisors.com>
> 421b3885bf6d56391297844f43fb7154a6396e12 "udp: ipv4: Add udp early
> demux" introduced a regression that allowed sockets bound to INADDR_ANY
> to receive packets from multicast groups that the socket had not joined.
> For example a socket that had joined 224.168.2.9 could also receive
> packets from 225.168.2.9 despite not having joined that group if
> ip_early_demux is enabled.
> Fix this by calling ip_check_mc_rcu() in udp_v4_early_demux() to verify
> that the multicast packet is indeed ours.
> Signed-off-by: Shawn Bohrer <sbohrer@rgmadvisors.com>
> Reported-by: Yurij M. Plotnikov <Yurij.Plotnikov@oktetlabs.ru>
> ---
> net/ipv4/udp.c | 18 +++++++++++++-----
> 1 file changed, 13 insertions(+), 5 deletions(-)
> diff --git a/net/ipv4/udp.c b/net/ipv4/udp.c
> index d10b7e0..17d31f5 100644
> --- a/net/ipv4/udp.c
> +++ b/net/ipv4/udp.c
[...]
> @@ -1971,10 +1972,17 @@ void udp_v4_early_demux(struct sk_buff *skb)
> uh = udp_hdr(skb);
>
> if (skb->pkt_type == PACKET_BROADCAST ||
> - skb->pkt_type == PACKET_MULTICAST)
> - sk = __udp4_lib_mcast_demux_lookup(net, uh->dest, iph->daddr,
> - uh->source, iph->saddr, dif);
> - else if (skb->pkt_type == PACKET_HOST)
> + skb->pkt_type == PACKET_MULTICAST) {
> + struct in_device *in_dev = __in_dev_get_rcu(skb->dev);
> +
> + if (in_dev) {
> + int our = ip_check_mc_rcu(in_dev, iph->daddr, iph->saddr,
> + iph->protocol);
> + if (our)
> + sk = __udp4_lib_mcast_demux_lookup(net, uh->dest, iph->daddr,
> + uh->source, iph->saddr, dif);
> + }
> + } else if (skb->pkt_type == PACKET_HOST)
> sk = __udp4_lib_demux_lookup(net, uh->dest, iph->daddr,
> uh->source, iph->saddr, dif);
> else
Must add {} around all branches of the *if* statement if you're adding
them around just one; see Documentation/CodingStyle.
WBR, Sergei
next prev parent reply other threads:[~2015-06-01 20:11 UTC|newest]
Thread overview: 12+ messages / expand[flat|nested] mbox.gz Atom feed top
2014-05-12 16:38 Socket receives packet to multicast group to which it was not joined since kernel 3.13.10-1 Yurij M. Plotnikov
2014-05-12 17:18 ` Eric Dumazet
2014-05-13 6:25 ` Yurij M. Plotnikov
2014-05-13 21:36 ` Shawn Bohrer
2014-05-14 20:40 ` Shawn Bohrer
2015-05-24 4:55 ` Oliver Graff
2015-05-26 17:41 ` Shawn Bohrer
2015-05-26 17:59 ` Eric Dumazet
2015-06-01 16:34 ` [PATCH] ipv4/udp: Verify multicast group is ours in upd_v4_early_demux() Shawn Bohrer
2015-06-01 20:11 ` Sergei Shtylyov [this message]
2015-06-03 21:27 ` [PATCH v2] " Shawn Bohrer
2015-06-04 7:46 ` David Miller
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=556CBC7E.2050005@cogentembedded.com \
--to=sergei.shtylyov@cogentembedded.com \
--cc=Alexandra.Kossovsky@oktetlabs.ru \
--cc=Yurij.Plotnikov@oktetlabs.ru \
--cc=davem@davemloft.net \
--cc=eric.dumazet@gmail.com \
--cc=netdev@vger.kernel.org \
--cc=oliver.e.graff@gmail.com \
--cc=sbohrer@rgmadvisors.com \
--cc=shawn.bohrer@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.