LKML Archive on lore.kernel.org
help / color / mirror / Atom feed
From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
To: linux-kernel@vger.kernel.org
Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
stable@vger.kernel.org, Jianwen Ji <jiji@redhat.com>,
Xin Long <lucien.xin@gmail.com>,
Neil Horman <nhorman@tuxdriver.com>,
"David S. Miller" <davem@davemloft.net>
Subject: [PATCH 4.14 27/80] sctp: do not check port in sctp_inet6_cmp_addr
Date: Fri, 27 Apr 2018 15:58:20 +0200 [thread overview]
Message-ID: <20180427135734.337062858@linuxfoundation.org> (raw)
In-Reply-To: <20180427135732.928644313@linuxfoundation.org>
4.14-stable review patch. If anyone has any objections, please let me know.
------------------
From: Xin Long <lucien.xin@gmail.com>
[ Upstream commit 1071ec9d453a38023579714b64a951a2fb982071 ]
pf->cmp_addr() is called before binding a v6 address to the sock. It
should not check ports, like in sctp_inet_cmp_addr.
But sctp_inet6_cmp_addr checks the addr by invoking af(6)->cmp_addr,
sctp_v6_cmp_addr where it also compares the ports.
This would cause that setsockopt(SCTP_SOCKOPT_BINDX_ADD) could bind
multiple duplicated IPv6 addresses after Commit 40b4f0fd74e4 ("sctp:
lack the check for ports in sctp_v6_cmp_addr").
This patch is to remove af->cmp_addr called in sctp_inet6_cmp_addr,
but do the proper check for both v6 addrs and v4mapped addrs.
v1->v2:
- define __sctp_v6_cmp_addr to do the common address comparison
used for both pf and af v6 cmp_addr.
Fixes: 40b4f0fd74e4 ("sctp: lack the check for ports in sctp_v6_cmp_addr")
Reported-by: Jianwen Ji <jiji@redhat.com>
Signed-off-by: Xin Long <lucien.xin@gmail.com>
Acked-by: Neil Horman <nhorman@tuxdriver.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
---
net/sctp/ipv6.c | 60 ++++++++++++++++++++++++++++----------------------------
1 file changed, 30 insertions(+), 30 deletions(-)
--- a/net/sctp/ipv6.c
+++ b/net/sctp/ipv6.c
@@ -521,46 +521,49 @@ static void sctp_v6_to_addr(union sctp_a
addr->v6.sin6_scope_id = 0;
}
-/* Compare addresses exactly.
- * v4-mapped-v6 is also in consideration.
- */
-static int sctp_v6_cmp_addr(const union sctp_addr *addr1,
- const union sctp_addr *addr2)
+static int __sctp_v6_cmp_addr(const union sctp_addr *addr1,
+ const union sctp_addr *addr2)
{
if (addr1->sa.sa_family != addr2->sa.sa_family) {
if (addr1->sa.sa_family == AF_INET &&
addr2->sa.sa_family == AF_INET6 &&
- ipv6_addr_v4mapped(&addr2->v6.sin6_addr)) {
- if (addr2->v6.sin6_port == addr1->v4.sin_port &&
- addr2->v6.sin6_addr.s6_addr32[3] ==
- addr1->v4.sin_addr.s_addr)
- return 1;
- }
+ ipv6_addr_v4mapped(&addr2->v6.sin6_addr) &&
+ addr2->v6.sin6_addr.s6_addr32[3] ==
+ addr1->v4.sin_addr.s_addr)
+ return 1;
+
if (addr2->sa.sa_family == AF_INET &&
addr1->sa.sa_family == AF_INET6 &&
- ipv6_addr_v4mapped(&addr1->v6.sin6_addr)) {
- if (addr1->v6.sin6_port == addr2->v4.sin_port &&
- addr1->v6.sin6_addr.s6_addr32[3] ==
- addr2->v4.sin_addr.s_addr)
- return 1;
- }
+ ipv6_addr_v4mapped(&addr1->v6.sin6_addr) &&
+ addr1->v6.sin6_addr.s6_addr32[3] ==
+ addr2->v4.sin_addr.s_addr)
+ return 1;
+
return 0;
}
- if (addr1->v6.sin6_port != addr2->v6.sin6_port)
- return 0;
+
if (!ipv6_addr_equal(&addr1->v6.sin6_addr, &addr2->v6.sin6_addr))
return 0;
+
/* If this is a linklocal address, compare the scope_id. */
- if (ipv6_addr_type(&addr1->v6.sin6_addr) & IPV6_ADDR_LINKLOCAL) {
- if (addr1->v6.sin6_scope_id && addr2->v6.sin6_scope_id &&
- (addr1->v6.sin6_scope_id != addr2->v6.sin6_scope_id)) {
- return 0;
- }
- }
+ if ((ipv6_addr_type(&addr1->v6.sin6_addr) & IPV6_ADDR_LINKLOCAL) &&
+ addr1->v6.sin6_scope_id && addr2->v6.sin6_scope_id &&
+ addr1->v6.sin6_scope_id != addr2->v6.sin6_scope_id)
+ return 0;
return 1;
}
+/* Compare addresses exactly.
+ * v4-mapped-v6 is also in consideration.
+ */
+static int sctp_v6_cmp_addr(const union sctp_addr *addr1,
+ const union sctp_addr *addr2)
+{
+ return __sctp_v6_cmp_addr(addr1, addr2) &&
+ addr1->v6.sin6_port == addr2->v6.sin6_port;
+}
+
/* Initialize addr struct to INADDR_ANY. */
static void sctp_v6_inaddr_any(union sctp_addr *addr, __be16 port)
{
@@ -845,8 +848,8 @@ static int sctp_inet6_cmp_addr(const uni
const union sctp_addr *addr2,
struct sctp_sock *opt)
{
- struct sctp_af *af1, *af2;
struct sock *sk = sctp_opt2sk(opt);
+ struct sctp_af *af1, *af2;
af1 = sctp_get_af_specific(addr1->sa.sa_family);
af2 = sctp_get_af_specific(addr2->sa.sa_family);
@@ -862,10 +865,7 @@ static int sctp_inet6_cmp_addr(const uni
if (sctp_is_any(sk, addr1) || sctp_is_any(sk, addr2))
return 1;
- if (addr1->sa.sa_family != addr2->sa.sa_family)
- return 0;
-
- return af1->cmp_addr(addr1, addr2);
+ return __sctp_v6_cmp_addr(addr1, addr2);
}
/* Verify that the provided sockaddr looks bindable. Common verification,
next prev parent reply other threads:[~2018-04-27 13:58 UTC|newest]
Thread overview: 90+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-04-27 13:57 [PATCH 4.14 00/80] 4.14.38-stable review Greg Kroah-Hartman
2018-04-27 13:57 ` [PATCH 4.14 01/80] Revert "pinctrl: intel: Initialize GPIO properly when used through irqchip" Greg Kroah-Hartman
2018-04-27 13:57 ` [PATCH 4.14 02/80] drm: bridge: dw-hdmi: Fix overflow workaround for Amlogic Meson GX SoCs Greg Kroah-Hartman
2018-04-27 13:57 ` [PATCH 4.14 03/80] i40e: Fix attach VF to VM issue Greg Kroah-Hartman
2018-04-27 13:57 ` [PATCH 4.14 04/80] tpm: cmd_ready command can be issued only after granting locality Greg Kroah-Hartman
2018-04-27 13:57 ` [PATCH 4.14 05/80] tpm: tpm-interface: fix tpm_transmit/_cmd kdoc Greg Kroah-Hartman
2018-04-27 13:57 ` [PATCH 4.14 06/80] tpm: add retry logic Greg Kroah-Hartman
2018-04-27 13:58 ` [PATCH 4.14 07/80] Revert "ath10k: send (re)assoc peer command when NSS changed" Greg Kroah-Hartman
2018-04-27 13:58 ` [PATCH 4.14 08/80] bonding: do not set slave_dev npinfo before slave_enable_netpoll in bond_enslave Greg Kroah-Hartman
2018-04-27 13:58 ` [PATCH 4.14 09/80] ipv6: add RTA_TABLE and RTA_PREFSRC to rtm_ipv6_policy Greg Kroah-Hartman
2018-04-27 13:58 ` [PATCH 4.14 10/80] ipv6: sr: fix NULL pointer dereference in seg6_do_srh_encap()- v4 pkts Greg Kroah-Hartman
2018-04-27 13:58 ` [PATCH 4.14 11/80] KEYS: DNS: limit the length of option strings Greg Kroah-Hartman
2018-04-27 13:58 ` [PATCH 4.14 12/80] l2tp: check sockaddr length in pppol2tp_connect() Greg Kroah-Hartman
2018-04-27 13:58 ` [PATCH 4.14 13/80] net: validate attribute sizes in neigh_dump_table() Greg Kroah-Hartman
2018-04-27 13:58 ` [PATCH 4.14 14/80] llc: delete timers synchronously in llc_sk_free() Greg Kroah-Hartman
2018-04-27 13:58 ` [PATCH 4.14 15/80] tcp: dont read out-of-bounds opsize Greg Kroah-Hartman
2018-04-27 13:58 ` [PATCH 4.14 16/80] net: af_packet: fix race in PACKET_{R|T}X_RING Greg Kroah-Hartman
2018-04-27 13:58 ` [PATCH 4.14 17/80] tcp: md5: reject TCP_MD5SIG or TCP_MD5SIG_EXT on established sockets Greg Kroah-Hartman
2018-04-27 13:58 ` [PATCH 4.14 18/80] net: fix deadlock while clearing neighbor proxy table Greg Kroah-Hartman
2018-04-27 13:58 ` [PATCH 4.14 19/80] team: avoid adding twice the same option to the event list Greg Kroah-Hartman
2018-04-27 13:58 ` [PATCH 4.14 20/80] net/smc: fix shutdown in state SMC_LISTEN Greg Kroah-Hartman
2018-04-27 13:58 ` [PATCH 4.14 21/80] team: fix netconsole setup over team Greg Kroah-Hartman
2018-04-27 13:58 ` [PATCH 4.14 22/80] packet: fix bitfield update race Greg Kroah-Hartman
2018-04-27 13:58 ` [PATCH 4.14 23/80] tipc: add policy for TIPC_NLA_NET_ADDR Greg Kroah-Hartman
2018-04-27 13:58 ` [PATCH 4.14 24/80] pppoe: check sockaddr length in pppoe_connect() Greg Kroah-Hartman
2018-04-27 13:58 ` [PATCH 4.14 25/80] vlan: Fix reading memory beyond skb->tail in skb_vlan_tagged_multi Greg Kroah-Hartman
2018-04-27 13:58 ` [PATCH 4.14 26/80] amd-xgbe: Add pre/post auto-negotiation phy hooks Greg Kroah-Hartman
2018-04-27 13:58 ` Greg Kroah-Hartman [this message]
2018-04-27 13:58 ` [PATCH 4.14 28/80] amd-xgbe: Improve KR auto-negotiation and training Greg Kroah-Hartman
2018-04-27 13:58 ` [PATCH 4.14 29/80] strparser: Do not call mod_delayed_work with a timeout of LONG_MAX Greg Kroah-Hartman
2018-04-27 13:58 ` [PATCH 4.14 30/80] amd-xgbe: Only use the SFP supported transceiver signals Greg Kroah-Hartman
2018-04-27 13:58 ` [PATCH 4.14 31/80] strparser: Fix incorrect strp->need_bytes value Greg Kroah-Hartman
2018-04-27 13:58 ` [PATCH 4.14 32/80] net: sched: ife: signal not finding metaid Greg Kroah-Hartman
2018-04-27 13:58 ` [PATCH 4.14 33/80] tcp: clear tp->packets_out when purging write queue Greg Kroah-Hartman
2018-04-27 13:58 ` [PATCH 4.14 34/80] net: sched: ife: handle malformed tlv length Greg Kroah-Hartman
2018-04-27 13:58 ` [PATCH 4.14 35/80] net: sched: ife: check on metadata length Greg Kroah-Hartman
2018-04-27 13:58 ` [PATCH 4.14 36/80] llc: hold llc_sap before release_sock() Greg Kroah-Hartman
2018-04-27 13:58 ` [PATCH 4.14 37/80] llc: fix NULL pointer deref for SOCK_ZAPPED Greg Kroah-Hartman
2018-04-27 13:58 ` [PATCH 4.14 38/80] net: ethernet: ti: cpsw: fix tx vlan priority mapping Greg Kroah-Hartman
2018-04-27 13:58 ` [PATCH 4.14 39/80] virtio_net: split out ctrl buffer Greg Kroah-Hartman
2018-04-27 13:58 ` [PATCH 4.14 40/80] virtio_net: fix adding vids on big-endian Greg Kroah-Hartman
2018-04-27 13:58 ` [PATCH 4.14 41/80] Revert "microblaze: fix endian handling" Greg Kroah-Hartman
2018-04-27 15:43 ` Guenter Roeck
2018-04-27 16:25 ` Guenter Roeck
2018-04-28 5:50 ` Greg Kroah-Hartman
2018-04-27 13:58 ` [PATCH 4.14 42/80] s390: introduce CPU alternatives Greg Kroah-Hartman
2018-04-27 13:58 ` [PATCH 4.14 43/80] s390: enable CPU alternatives unconditionally Greg Kroah-Hartman
2018-04-27 13:58 ` [PATCH 4.14 44/80] KVM: s390: wire up bpb feature Greg Kroah-Hartman
2018-04-27 13:58 ` [PATCH 4.14 45/80] s390: scrub registers on kernel entry and KVM exit Greg Kroah-Hartman
2018-04-27 13:58 ` [PATCH 4.14 46/80] s390: add optimized array_index_mask_nospec Greg Kroah-Hartman
2018-04-27 13:58 ` [PATCH 4.14 47/80] s390/alternative: use a copy of the facility bit mask Greg Kroah-Hartman
2018-04-27 13:58 ` [PATCH 4.14 48/80] s390: add options to change branch prediction behaviour for the kernel Greg Kroah-Hartman
2018-04-27 13:58 ` [PATCH 4.14 49/80] s390: run user space and KVM guests with modified branch prediction Greg Kroah-Hartman
2018-04-27 13:58 ` [PATCH 4.14 50/80] s390: introduce execute-trampolines for branches Greg Kroah-Hartman
2018-04-27 13:58 ` [PATCH 4.14 51/80] KVM: s390: force bp isolation for VSIE Greg Kroah-Hartman
2018-04-27 13:58 ` [PATCH 4.14 52/80] s390: Replace IS_ENABLED(EXPOLINE_*) with IS_ENABLED(CONFIG_EXPOLINE_*) Greg Kroah-Hartman
2018-04-27 13:58 ` [PATCH 4.14 53/80] s390: do not bypass BPENTER for interrupt system calls Greg Kroah-Hartman
2018-04-27 13:58 ` [PATCH 4.14 54/80] s390/entry.S: fix spurious zeroing of r0 Greg Kroah-Hartman
2018-04-27 13:58 ` [PATCH 4.14 55/80] s390: move nobp parameter functions to nospec-branch.c Greg Kroah-Hartman
2018-04-27 13:58 ` [PATCH 4.14 56/80] s390: add automatic detection of the spectre defense Greg Kroah-Hartman
2018-04-27 13:58 ` [PATCH 4.14 57/80] s390: report spectre mitigation via syslog Greg Kroah-Hartman
2018-04-27 13:58 ` [PATCH 4.14 58/80] s390: add sysfs attributes for spectre Greg Kroah-Hartman
2018-04-27 13:58 ` [PATCH 4.14 59/80] s390: correct nospec auto detection init order Greg Kroah-Hartman
2018-04-27 13:58 ` [PATCH 4.14 60/80] s390: correct module section names for expoline code revert Greg Kroah-Hartman
2018-04-27 13:58 ` [PATCH 4.14 61/80] microblaze: Setup dependencies for ASM optimized lib functions Greg Kroah-Hartman
2018-04-27 13:58 ` [PATCH 4.14 62/80] arm64: dts: rockchip: remove vdd_log from rk3399-puma Greg Kroah-Hartman
2018-04-27 13:58 ` [PATCH 4.14 63/80] Revert "mm/hmm: fix header file if/else/endif maze" Greg Kroah-Hartman
2018-04-27 13:58 ` [PATCH 4.14 64/80] commoncap: Handle memory allocation failure Greg Kroah-Hartman
2018-04-27 13:58 ` [PATCH 4.14 65/80] scsi: mptsas: Disable WRITE SAME Greg Kroah-Hartman
2018-04-27 13:58 ` [PATCH 4.14 66/80] cdrom: information leak in cdrom_ioctl_media_changed() Greg Kroah-Hartman
2018-04-27 13:59 ` [PATCH 4.14 67/80] fsnotify: Fix fsnotify_mark_connector race Greg Kroah-Hartman
2018-04-27 13:59 ` [PATCH 4.14 68/80] m68k/mac: Dont remap SWIM MMIO region Greg Kroah-Hartman
2018-04-27 13:59 ` [PATCH 4.14 69/80] block/swim: Check drive type Greg Kroah-Hartman
2018-04-27 13:59 ` [PATCH 4.14 70/80] block/swim: Dont log an error message for an invalid ioctl Greg Kroah-Hartman
2018-04-27 13:59 ` [PATCH 4.14 71/80] block/swim: Remove extra put_disk() call from error path Greg Kroah-Hartman
2018-04-27 13:59 ` [PATCH 4.14 72/80] block/swim: Rename macros to avoid inconsistent inverted logic Greg Kroah-Hartman
2018-04-27 13:59 ` [PATCH 4.14 73/80] block/swim: Select appropriate drive on device open Greg Kroah-Hartman
2018-04-27 13:59 ` [PATCH 4.14 74/80] block/swim: Fix array bounds check Greg Kroah-Hartman
2018-04-27 13:59 ` [PATCH 4.14 75/80] block/swim: Fix IO error at end of medium Greg Kroah-Hartman
2018-04-27 13:59 ` [PATCH 4.14 76/80] tracing: Fix missing tab for hwlat_detector print format Greg Kroah-Hartman
2018-04-27 13:59 ` [PATCH 4.14 77/80] s390/cio: update chpid descriptor after resource accessibility event Greg Kroah-Hartman
2018-04-27 13:59 ` [PATCH 4.14 78/80] s390/dasd: fix IO error for newly defined devices Greg Kroah-Hartman
2018-04-27 13:59 ` [PATCH 4.14 79/80] s390/uprobes: implement arch_uretprobe_is_alive() Greg Kroah-Hartman
2018-04-27 13:59 ` [PATCH 4.14 80/80] ACPI / video: Only default only_lcd to true on Win8-ready _desktops_ Greg Kroah-Hartman
2018-04-27 18:14 ` [PATCH 4.14 00/80] 4.14.38-stable review Shuah Khan
2018-04-27 19:24 ` kernelci.org bot
2018-04-27 19:33 ` Nathan Chancellor
2018-04-28 5:06 ` Greg Kroah-Hartman
2018-04-27 20:37 ` Dan Rue
2018-04-28 14:28 ` Guenter Roeck
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20180427135734.337062858@linuxfoundation.org \
--to=gregkh@linuxfoundation.org \
--cc=davem@davemloft.net \
--cc=jiji@redhat.com \
--cc=linux-kernel@vger.kernel.org \
--cc=lucien.xin@gmail.com \
--cc=nhorman@tuxdriver.com \
--cc=stable@vger.kernel.org \
--subject='Re: [PATCH 4.14 27/80] sctp: do not check port in sctp_inet6_cmp_addr' \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).