From: Phil Sutter <phil@nwl.cc>
To: netdev@vger.kernel.org
Cc: davem@davemloft.net, Eric Dumazet <edumazet@google.com>
Subject: [PATCH] net: inet_diag: always export IPV6_V6ONLY sockopt
Date: Thu, 9 Jul 2015 10:42:27 +0200 [thread overview]
Message-ID: <1436431347-720-1-git-send-email-phil@nwl.cc> (raw)
Reconsidering my commit 20462155 "net: inet_diag: export IPV6_V6ONLY
sockopt", I am not happy with the limitations it causes for socket
analysing code in userspace. Exporting the value only if it is set makes
it hard for userspace to decide whether the option is not set or the
kernel does not support exporting the option at all.
>From an auditor's perspective, the interesting question for AF_INET6
sockets is: "Does it NOT have IPV6_V6ONLY set?" Because it is the
unexpected case. This patch allows to answer this question reliably.
Signed-off-by: Phil Sutter <phil@nwl.cc>
Cc: Eric Dumazet <edumazet@google.com>
---
net/ipv4/inet_diag.c | 3 +--
1 file changed, 1 insertion(+), 2 deletions(-)
diff --git a/net/ipv4/inet_diag.c b/net/ipv4/inet_diag.c
index 9bc2667..e622d2e 100644
--- a/net/ipv4/inet_diag.c
+++ b/net/ipv4/inet_diag.c
@@ -152,8 +152,7 @@ int inet_sk_diag_fill(struct sock *sk, struct inet_connection_sock *icsk,
inet6_sk(sk)->tclass) < 0)
goto errout;
- if (ipv6_only_sock(sk) &&
- nla_put_u8(skb, INET_DIAG_SKV6ONLY, 1))
+ if (nla_put_u8(skb, INET_DIAG_SKV6ONLY, ipv6_only_sock(sk)))
goto errout;
}
#endif
--
2.1.2
next reply other threads:[~2015-07-09 8:42 UTC|newest]
Thread overview: 6+ messages / expand[flat|nested] mbox.gz Atom feed top
2015-07-09 8:42 Phil Sutter [this message]
2015-07-09 12:57 ` [PATCH] net: inet_diag: always export IPV6_V6ONLY sockopt Eric Dumazet
2015-07-09 16:38 ` Phil Sutter
2015-07-09 17:30 ` Eric Dumazet
2015-07-10 9:39 ` [PATCH v2] net: inet_diag: always export IPV6_V6ONLY sockopt for listening sockets Phil Sutter
2015-07-11 6:25 ` David Miller
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1436431347-720-1-git-send-email-phil@nwl.cc \
--to=phil@nwl.cc \
--cc=davem@davemloft.net \
--cc=edumazet@google.com \
--cc=netdev@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).