From mboxrd@z Thu Jan  1 00:00:00 1970
From: Paolo Abeni <pabeni@redhat.com>
Subject: Re: The SO_BINDTODEVICE was set to the desired interface, but
 packets are received from all interfaces.
Date: Mon, 07 May 2018 14:41:30 +0200
Message-ID: <1525696890.2587.24.camel@redhat.com>
References: <5a61e34b-75c2-0452-d6e2-6e4ea77d5ac2@oktetlabs.ru>
Mime-Version: 1.0
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: 7bit
Cc: Konstantin Ushakov <kostik@oktetlabs.ru>,
        "Alexandra N. Kossovsky" <Alexandra.Kossovsky@oktetlabs.ru>,
        Andrey Dmitrov <andrey.dmitrov@oktetlabs.ru>
To: Damir Mansurov <dnman@oktetlabs.ru>, netdev@vger.kernel.org,
        David Ahern <dsahern@gmail.com>
Return-path: <netdev-owner@vger.kernel.org>
Received: from mx3-rdu2.redhat.com ([66.187.233.73]:41744 "EHLO mx1.redhat.com"
        rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP
        id S1751968AbeEGMle (ORCPT <rfc822;netdev@vger.kernel.org>);
        Mon, 7 May 2018 08:41:34 -0400
In-Reply-To: <5a61e34b-75c2-0452-d6e2-6e4ea77d5ac2@oktetlabs.ru>
Sender: netdev-owner@vger.kernel.org
List-ID: <netdev.vger.kernel.org>

Hi,
On Mon, 2018-05-07 at 13:19 +0300, Damir Mansurov wrote:
> After successful call of the setsockopt(SO_BINDTODEVICE) function to set 
> data reception from only one interface, the data is still received from 
> all interfaces. Function setsockopt() returns 0 but then recv() receives 
> data from all available network interfaces.
> 
> The problem is reproducible on linux kernels 4.14 - 4.16, but it does 
> not on linux kernels 4.4, 4.13.

I think that the cause is commit:

commit fb74c27735f0a34e76dbf1972084e984ad2ea145
Author: David Ahern <dsahern@gmail.com>
Date:   Mon Aug 7 08:44:16 2017 -0700

    net: ipv4: add second dif to udp socket lookups

Something like the following should fix, but I'm unsure it preserves
the intended semathics for 'sdif'. David, can you please have a look?
Thanks!

Paolo
---
diff --git a/net/ipv4/udp.c b/net/ipv4/udp.c
index dd3102a37ef9..0d593d5c33cf 100644
--- a/net/ipv4/udp.c
+++ b/net/ipv4/udp.c
@@ -401,9 +401,9 @@ static int compute_score(struct sock *sk, struct net *net,
 		bool dev_match = (sk->sk_bound_dev_if == dif ||
 				  sk->sk_bound_dev_if == sdif);
 
-		if (exact_dif && !dev_match)
+		if (!dev_match)
 			return -1;
-		if (sk->sk_bound_dev_if && dev_match)
+		if (sk->sk_bound_dev_if)
 			score += 4;
 	}