提交 0bd1b59b 编写于 作者: A Andrew McDonald 提交者: David S. Miller

[IPV6]: Check interface bindings on IPv6 raw socket reception

Take account of whether a socket is bound to a particular device when
selecting an IPv6 raw socket to receive a packet. Also perform this
check when receiving IPv6 packets with router alert options.
Signed-off-by: NAndrew McDonald <andrew@mcdonald.org.uk>
Signed-off-by: NDavid S. Miller <davem@davemloft.net>
上级 7af4cc3f
...@@ -10,7 +10,8 @@ extern rwlock_t raw_v6_lock; ...@@ -10,7 +10,8 @@ extern rwlock_t raw_v6_lock;
extern void ipv6_raw_deliver(struct sk_buff *skb, int nexthdr); extern void ipv6_raw_deliver(struct sk_buff *skb, int nexthdr);
extern struct sock *__raw_v6_lookup(struct sock *sk, unsigned short num, extern struct sock *__raw_v6_lookup(struct sock *sk, unsigned short num,
struct in6_addr *loc_addr, struct in6_addr *rmt_addr); struct in6_addr *loc_addr, struct in6_addr *rmt_addr,
int dif);
extern int rawv6_rcv(struct sock *sk, extern int rawv6_rcv(struct sock *sk,
struct sk_buff *skb); struct sk_buff *skb);
......
...@@ -551,7 +551,8 @@ static void icmpv6_notify(struct sk_buff *skb, int type, int code, u32 info) ...@@ -551,7 +551,8 @@ static void icmpv6_notify(struct sk_buff *skb, int type, int code, u32 info)
read_lock(&raw_v6_lock); read_lock(&raw_v6_lock);
if ((sk = sk_head(&raw_v6_htable[hash])) != NULL) { if ((sk = sk_head(&raw_v6_htable[hash])) != NULL) {
while((sk = __raw_v6_lookup(sk, nexthdr, daddr, saddr))) { while((sk = __raw_v6_lookup(sk, nexthdr, daddr, saddr,
skb->dev->ifindex))) {
rawv6_err(sk, skb, NULL, type, code, inner_offset, info); rawv6_err(sk, skb, NULL, type, code, inner_offset, info);
sk = sk_next(sk); sk = sk_next(sk);
} }
......
...@@ -277,7 +277,9 @@ static int ip6_call_ra_chain(struct sk_buff *skb, int sel) ...@@ -277,7 +277,9 @@ static int ip6_call_ra_chain(struct sk_buff *skb, int sel)
read_lock(&ip6_ra_lock); read_lock(&ip6_ra_lock);
for (ra = ip6_ra_chain; ra; ra = ra->next) { for (ra = ip6_ra_chain; ra; ra = ra->next) {
struct sock *sk = ra->sk; struct sock *sk = ra->sk;
if (sk && ra->sel == sel) { if (sk && ra->sel == sel &&
(!sk->sk_bound_dev_if ||
sk->sk_bound_dev_if == skb->dev->ifindex)) {
if (last) { if (last) {
struct sk_buff *skb2 = skb_clone(skb, GFP_ATOMIC); struct sk_buff *skb2 = skb_clone(skb, GFP_ATOMIC);
if (skb2) if (skb2)
......
...@@ -81,7 +81,8 @@ static void raw_v6_unhash(struct sock *sk) ...@@ -81,7 +81,8 @@ static void raw_v6_unhash(struct sock *sk)
/* Grumble... icmp and ip_input want to get at this... */ /* Grumble... icmp and ip_input want to get at this... */
struct sock *__raw_v6_lookup(struct sock *sk, unsigned short num, struct sock *__raw_v6_lookup(struct sock *sk, unsigned short num,
struct in6_addr *loc_addr, struct in6_addr *rmt_addr) struct in6_addr *loc_addr, struct in6_addr *rmt_addr,
int dif)
{ {
struct hlist_node *node; struct hlist_node *node;
int is_multicast = ipv6_addr_is_multicast(loc_addr); int is_multicast = ipv6_addr_is_multicast(loc_addr);
...@@ -94,6 +95,9 @@ struct sock *__raw_v6_lookup(struct sock *sk, unsigned short num, ...@@ -94,6 +95,9 @@ struct sock *__raw_v6_lookup(struct sock *sk, unsigned short num,
!ipv6_addr_equal(&np->daddr, rmt_addr)) !ipv6_addr_equal(&np->daddr, rmt_addr))
continue; continue;
if (sk->sk_bound_dev_if && sk->sk_bound_dev_if != dif)
continue;
if (!ipv6_addr_any(&np->rcv_saddr)) { if (!ipv6_addr_any(&np->rcv_saddr)) {
if (ipv6_addr_equal(&np->rcv_saddr, loc_addr)) if (ipv6_addr_equal(&np->rcv_saddr, loc_addr))
goto found; goto found;
...@@ -160,7 +164,7 @@ void ipv6_raw_deliver(struct sk_buff *skb, int nexthdr) ...@@ -160,7 +164,7 @@ void ipv6_raw_deliver(struct sk_buff *skb, int nexthdr)
if (sk == NULL) if (sk == NULL)
goto out; goto out;
sk = __raw_v6_lookup(sk, nexthdr, daddr, saddr); sk = __raw_v6_lookup(sk, nexthdr, daddr, saddr, skb->dev->ifindex);
while (sk) { while (sk) {
if (nexthdr != IPPROTO_ICMPV6 || !icmpv6_filter(sk, skb)) { if (nexthdr != IPPROTO_ICMPV6 || !icmpv6_filter(sk, skb)) {
...@@ -170,7 +174,8 @@ void ipv6_raw_deliver(struct sk_buff *skb, int nexthdr) ...@@ -170,7 +174,8 @@ void ipv6_raw_deliver(struct sk_buff *skb, int nexthdr)
if (clone) if (clone)
rawv6_rcv(sk, clone); rawv6_rcv(sk, clone);
} }
sk = __raw_v6_lookup(sk_next(sk), nexthdr, daddr, saddr); sk = __raw_v6_lookup(sk_next(sk), nexthdr, daddr, saddr,
skb->dev->ifindex);
} }
out: out:
read_unlock(&raw_v6_lock); read_unlock(&raw_v6_lock);
......
Markdown is supported
0% .
You are about to add 0 people to the discussion. Proceed with caution.
先完成此消息的编辑!
想要评论请 注册