Re: [PATCH net-next] Allocate unique metrics for icmp6 packets to prevent tainting dst metrics

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

From: Nick Jones <nick.jones@xxxxxxxxxxxxxxx>
Date: Mon, 12 Mar 2012 23:16:14 +0800

> The generation of an icmp6 packet, targeted to a specific desination
> address, will cause the shared metrics of the ip6_dst and inetpeer
> of that address to be tainted with the hoplimit value 255.
> All packets, icmp6 or otherwise, will have this hoplimit value, and
> if the destination is a router, not even advertisements specifying a
> new hoplimit value will have any effect due to the way
> ip6_dst_hoplimit works.
> By allocating a unique metrics array for the icmp6 packet, the shared
> metrics will not be tainted.
> Signed-off-by: Nick Jones <nick.jones@xxxxxxxxxxxxxxx>

You can't just change the allocation side.

You now have to make sure the free'ing side knows that these special
routes use kmalloc()'d metrics.  On ipv6 this is implemented in
ip6_dst_destroy().  Unless DST_HOST will be clear on all of these
icmp6 routes, the metrics will be leaked because ip6_dst_destroy()
will not invoke dst_destroy_metrics_generic() which would do the
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at

[Linux Kernel Discussion]     [Ethernet Bridging]     [Linux Wireless Networking]     [Linux Bluetooth Networking]     [Linux Networking Users]     [VLAN]     [Git]     [IETF Annouce]     [Linux Assembly]     [Security]     [Bugtraq]     [Photo]     [Singles Social Networking]     [Yosemite Information]     [MIPS Linux]     [ARM Linux Kernel]     [ARM Linux]     [Linux Virtualization]     [Linux Security]     [Linux IDE]     [Linux RAID]     [Linux SCSI]     [Free Dating]

Add to Google Powered by Linux