* [PATCH] ipv6: don't accept multicast traffic with scop 0
@ 2013-02-10 12:48 Hannes Frederic Sowa
2013-02-10 14:56 ` YOSHIFUJI Hideaki
2013-02-11 19:48 ` Hannes Frederic Sowa
0 siblings, 2 replies; 7+ messages in thread
From: Hannes Frederic Sowa @ 2013-02-10 12:48 UTC (permalink / raw)
To: netdev; +Cc: yoshfuji, erik.hugne
Cc: Erik Hugne <erik.hugne@ericsson.com>
Cc: YOSHIFUJI Hideaki <yoshfuji@linux-ipv6.org>
Signed-off-by: Hannes Frederic Sowa <hannes@stressinduktion.org>
---
net/ipv6/ip6_input.c | 10 ++++++++++
1 file changed, 10 insertions(+)
diff --git a/net/ipv6/ip6_input.c b/net/ipv6/ip6_input.c
index 4ac5bf3..34ddebd 100644
--- a/net/ipv6/ip6_input.c
+++ b/net/ipv6/ip6_input.c
@@ -126,6 +126,16 @@ int ipv6_rcv(struct sk_buff *skb, struct net_device *dev, struct packet_type *pt
if (ipv6_addr_is_multicast(&hdr->saddr))
goto err;
+ /*
+ * RFC4291 2.7
+ * Nodes must not originate a packet to a multicast address whose scop
+ * field contains the reserved value 0; if such a packet is received, it
+ * must be silently dropped.
+ */
+ if (ipv6_addr_is_multicast(&hdr->daddr) &&
+ IPV6_ADDR_MC_SCOPE(&hdr->daddr) == 0)
+ goto err;
+
skb->transport_header = skb->network_header + sizeof(*hdr);
IP6CB(skb)->nhoff = offsetof(struct ipv6hdr, nexthdr);
--
1.8.1.2
^ permalink raw reply related [flat|nested] 7+ messages in thread
* Re: [PATCH] ipv6: don't accept multicast traffic with scop 0
2013-02-10 12:48 [PATCH] ipv6: don't accept multicast traffic with scop 0 Hannes Frederic Sowa
@ 2013-02-10 14:56 ` YOSHIFUJI Hideaki
2013-02-11 19:48 ` Hannes Frederic Sowa
1 sibling, 0 replies; 7+ messages in thread
From: YOSHIFUJI Hideaki @ 2013-02-10 14:56 UTC (permalink / raw)
To: netdev, erik.hugne, YOSHIFUJI Hideaki
Hannes Frederic Sowa wrote:
> Cc: Erik Hugne <erik.hugne@ericsson.com>
> Cc: YOSHIFUJI Hideaki <yoshfuji@linux-ipv6.org>
> Signed-off-by: Hannes Frederic Sowa <hannes@stressinduktion.org>
> ---
> net/ipv6/ip6_input.c | 10 ++++++++++
> 1 file changed, 10 insertions(+)
>
> diff --git a/net/ipv6/ip6_input.c b/net/ipv6/ip6_input.c
> index 4ac5bf3..34ddebd 100644
> --- a/net/ipv6/ip6_input.c
> +++ b/net/ipv6/ip6_input.c
> @@ -126,6 +126,16 @@ int ipv6_rcv(struct sk_buff *skb, struct net_device *dev, struct packet_type *pt
> if (ipv6_addr_is_multicast(&hdr->saddr))
> goto err;
>
> + /*
> + * RFC4291 2.7
> + * Nodes must not originate a packet to a multicast address whose scop
> + * field contains the reserved value 0; if such a packet is received, it
> + * must be silently dropped.
> + */
> + if (ipv6_addr_is_multicast(&hdr->daddr) &&
> + IPV6_ADDR_MC_SCOPE(&hdr->daddr) == 0)
> + goto err;
> +
> skb->transport_header = skb->network_header + sizeof(*hdr);
> IP6CB(skb)->nhoff = offsetof(struct ipv6hdr, nexthdr);
>
>
Would you place this before saddr check, just after loopback check, please?
Otherwise,
Acked-by: YOSHIFUJI Hideaki <yoshfuji@linux-ipv6.org>
--yoshfuji
^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: [PATCH] ipv6: don't accept multicast traffic with scop 0
2013-02-10 12:48 [PATCH] ipv6: don't accept multicast traffic with scop 0 Hannes Frederic Sowa
2013-02-10 14:56 ` YOSHIFUJI Hideaki
@ 2013-02-11 19:48 ` Hannes Frederic Sowa
2013-02-11 19:52 ` David Miller
1 sibling, 1 reply; 7+ messages in thread
From: Hannes Frederic Sowa @ 2013-02-11 19:48 UTC (permalink / raw)
To: netdev, yoshfuji, erik.hugne
On Sun, Feb 10, 2013 at 01:48:51PM +0100, Hannes Frederic Sowa wrote:
> + /*
> + * RFC4291 2.7
> + * Nodes must not originate a packet to a multicast address whose scop
> + * field contains the reserved value 0; if such a packet is received, it
> + * must be silently dropped.
Just nit-picking: The field is actually called scop without e, as pointed out
by three erratas to RFC4291. :)
^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: [PATCH] ipv6: don't accept multicast traffic with scop 0
2013-02-11 19:48 ` Hannes Frederic Sowa
@ 2013-02-11 19:52 ` David Miller
2013-02-11 22:21 ` Ben Hutchings
0 siblings, 1 reply; 7+ messages in thread
From: David Miller @ 2013-02-11 19:52 UTC (permalink / raw)
To: hannes; +Cc: netdev, yoshfuji, erik.hugne
From: Hannes Frederic Sowa <hannes@stressinduktion.org>
Date: Mon, 11 Feb 2013 20:48:35 +0100
> On Sun, Feb 10, 2013 at 01:48:51PM +0100, Hannes Frederic Sowa wrote:
>> + /*
>> + * RFC4291 2.7
>> + * Nodes must not originate a packet to a multicast address whose scop
>> + * field contains the reserved value 0; if such a packet is received, it
>> + * must be silently dropped.
>
> Just nit-picking: The field is actually called scop without e, as pointed out
> by three erratas to RFC4291. :)
That's funny because I added the 'e' to your patches while applying
them, it just looks completely stupid to refer to this things as
'scop'.
^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: [PATCH] ipv6: don't accept multicast traffic with scop 0
2013-02-11 19:52 ` David Miller
@ 2013-02-11 22:21 ` Ben Hutchings
2013-02-11 22:42 ` Stephen Hemminger
2013-02-11 22:49 ` Dan Williams
0 siblings, 2 replies; 7+ messages in thread
From: Ben Hutchings @ 2013-02-11 22:21 UTC (permalink / raw)
To: David Miller; +Cc: hannes, netdev, yoshfuji, erik.hugne
On Mon, 2013-02-11 at 14:52 -0500, David Miller wrote:
> From: Hannes Frederic Sowa <hannes@stressinduktion.org>
> Date: Mon, 11 Feb 2013 20:48:35 +0100
>
> > On Sun, Feb 10, 2013 at 01:48:51PM +0100, Hannes Frederic Sowa wrote:
> >> + /*
> >> + * RFC4291 2.7
> >> + * Nodes must not originate a packet to a multicast address whose scop
> >> + * field contains the reserved value 0; if such a packet is received, it
> >> + * must be silently dropped.
> >
> > Just nit-picking: The field is actually called scop without e, as pointed out
> > by three erratas to RFC4291. :)
>
> That's funny because I added the 'e' to your patches while applying
> them, it just looks completely stupid to refer to this things as
> 'scop'.
It seems to be a long Unix tradition to creat names with trailing silent
vowels removed; this is hardly uniq.
Ben.
--
Ben Hutchings, Staff Engineer, Solarflare
Not speaking for my employer; that's the marketing department's job.
They asked us to note that Solarflare product names are trademarked.
^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: [PATCH] ipv6: don't accept multicast traffic with scop 0
2013-02-11 22:21 ` Ben Hutchings
@ 2013-02-11 22:42 ` Stephen Hemminger
2013-02-11 22:49 ` Dan Williams
1 sibling, 0 replies; 7+ messages in thread
From: Stephen Hemminger @ 2013-02-11 22:42 UTC (permalink / raw)
To: Ben Hutchings; +Cc: David Miller, hannes, netdev, yoshfuji, erik.hugne
On Mon, 11 Feb 2013 22:21:11 +0000
Ben Hutchings <bhutchings@solarflare.com> wrote:
> On Mon, 2013-02-11 at 14:52 -0500, David Miller wrote:
> > From: Hannes Frederic Sowa <hannes@stressinduktion.org>
> > Date: Mon, 11 Feb 2013 20:48:35 +0100
> >
> > > On Sun, Feb 10, 2013 at 01:48:51PM +0100, Hannes Frederic Sowa wrote:
> > >> + /*
> > >> + * RFC4291 2.7
> > >> + * Nodes must not originate a packet to a multicast address whose scop
> > >> + * field contains the reserved value 0; if such a packet is received, it
> > >> + * must be silently dropped.
> > >
> > > Just nit-picking: The field is actually called scop without e, as pointed out
> > > by three erratas to RFC4291. :)
> >
> > That's funny because I added the 'e' to your patches while applying
> > them, it just looks completely stupid to refer to this things as
> > 'scop'.
>
> It seems to be a long Unix tradition to creat names with trailing silent
> vowels removed; this is hardly uniq.
>
> Ben.
>
Aussie's would call it scopie
^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: [PATCH] ipv6: don't accept multicast traffic with scop 0
2013-02-11 22:21 ` Ben Hutchings
2013-02-11 22:42 ` Stephen Hemminger
@ 2013-02-11 22:49 ` Dan Williams
1 sibling, 0 replies; 7+ messages in thread
From: Dan Williams @ 2013-02-11 22:49 UTC (permalink / raw)
To: Ben Hutchings; +Cc: David Miller, hannes, netdev, yoshfuji, erik.hugne
On Mon, 2013-02-11 at 22:21 +0000, Ben Hutchings wrote:
> On Mon, 2013-02-11 at 14:52 -0500, David Miller wrote:
> > From: Hannes Frederic Sowa <hannes@stressinduktion.org>
> > Date: Mon, 11 Feb 2013 20:48:35 +0100
> >
> > > On Sun, Feb 10, 2013 at 01:48:51PM +0100, Hannes Frederic Sowa wrote:
> > >> + /*
> > >> + * RFC4291 2.7
> > >> + * Nodes must not originate a packet to a multicast address whose scop
> > >> + * field contains the reserved value 0; if such a packet is received, it
> > >> + * must be silently dropped.
> > >
> > > Just nit-picking: The field is actually called scop without e, as pointed out
> > > by three erratas to RFC4291. :)
> >
> > That's funny because I added the 'e' to your patches while applying
> > them, it just looks completely stupid to refer to this things as
> > 'scop'.
>
> It seems to be a long Unix tradition to creat names with trailing silent
> vowels removed; this is hardly uniq.
You had to buy vowels from Pat back then, and people were stingy with
their hard-earned money. And then if you got the vowel wrong it was no
longer your turn. So understandably people were reluctant to use vowels
much.
Dan
^ permalink raw reply [flat|nested] 7+ messages in thread
end of thread, other threads:[~2013-02-11 22:49 UTC | newest]
Thread overview: 7+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2013-02-10 12:48 [PATCH] ipv6: don't accept multicast traffic with scop 0 Hannes Frederic Sowa
2013-02-10 14:56 ` YOSHIFUJI Hideaki
2013-02-11 19:48 ` Hannes Frederic Sowa
2013-02-11 19:52 ` David Miller
2013-02-11 22:21 ` Ben Hutchings
2013-02-11 22:42 ` Stephen Hemminger
2013-02-11 22:49 ` Dan Williams
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).