NetBSD Problem Report #52469
From www@NetBSD.org Mon Aug 7 14:14:45 2017
Return-Path: <www@NetBSD.org>
Received: from mail.netbsd.org (mail.netbsd.org [199.233.217.200])
(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
(Client CN "mail.NetBSD.org", Issuer "mail.NetBSD.org CA" (verified OK))
by mollari.NetBSD.org (Postfix) with ESMTPS id 215327A263
for <gnats-bugs@gnats.NetBSD.org>; Mon, 7 Aug 2017 14:14:45 +0000 (UTC)
Message-Id: <20170807141443.B1C5F7A28A@mollari.NetBSD.org>
Date: Mon, 7 Aug 2017 14:14:43 +0000 (UTC)
From: ef@math.uni-bonn.de
Reply-To: ef@math.uni-bonn.de
To: gnats-bugs@NetBSD.org
Subject: ipf fails to return-rst (or panics) on a IPv6 link-local-address
X-Send-Pr-Version: www-1.0
>Number: 52469
>Category: kern
>Synopsis: ipf fails to return-rst (or panics) on a IPv6 link-local-address
>Confidential: no
>Severity: serious
>Priority: medium
>Responsible: kern-bug-people
>State: closed
>Class: sw-bug
>Submitter-Id: net
>Arrival-Date: Mon Aug 07 14:15:00 +0000 2017
>Closed-Date: Wed Jun 09 02:06:04 +0000 2021
>Last-Modified: Wed Jun 09 02:06:04 +0000 2021
>Originator: Edgar Fuß
>Release: 6.1 (ignored), 7.1 (panics)
>Organization:
Mathematisches Institut der Universität Bonn
>Environment:
>Description:
With a block rule qualified "return-rst", if that rule matches a link-local address, no RST is returned (on NetBSD-6) or the system panics (on NetBSD-7).
The problem is that ipf6_fastroute() consults the routing cache without having inserted the address's scope first.
>How-To-Repeat:
Add a block rule qualified "return-rst" that matches a link-local address. Make that rule match. Observe no RST being sent or the system panic.
>Fix:
Index: ip_fil_netbsd.c
===================================================================
RCS file: /cvsroot/src/sys/external/bsd/ipf/netinet/ip_fil_netbsd.c,v
retrieving revision 1.11
diff -u -p -r1.11 ip_fil_netbsd.c
--- ip_fil_netbsd.c 25 Jul 2014 08:10:39 -0000 1.11
+++ ip_fil_netbsd.c 20 Jul 2017 13:04:22 -0000
@@ -1378,6 +1378,9 @@ ipf_fastroute6(struct mbuf *m0, struct m
sockaddr_in6_init(&u.dst6, &fdp->fd_ip6.in6, 0, 0, 0);
else
sockaddr_in6_init(&u.dst6, &fin->fin_fi.fi_dst.in6, 0, 0, 0);
+ /* KAME */
+ if (IN6_IS_ADDR_LINKLOCAL(&u.dst6.sin6_addr))
+ u.dst6.sin6_addr.s6_addr16[1] = htons(ifp->if_index);
dst = &u.dst;
rtcache_setdst(ro, dst);
@@ -1389,6 +1392,9 @@ ipf_fastroute6(struct mbuf *m0, struct m
dst6->sin6_family = AF_INET6;
dst6->sin6_len = sizeof(struct sockaddr_in6);
dst6->sin6_addr = fin->fin_fi.fi_dst.in6;
+ /* KAME */
+ if (IN6_IS_ADDR_LINKLOCAL(&dst6->sin6_addr))
+ dst6->sin6_addr.s6_addr16[1] = htons(ifp->if_index);
if (fdp != NULL) {
if (IP6_NOTZERO(&fdp->fd_ip6))
@@ -1407,15 +1413,6 @@ ipf_fastroute6(struct mbuf *m0, struct m
goto bad;
}
- /* KAME */
-# if __NetBSD_Version__ >= 499001100
- if (IN6_IS_ADDR_LINKLOCAL(&u.dst6.sin6_addr))
- u.dst6.sin6_addr.s6_addr16[1] = htons(ifp->if_index);
-# else
- if (IN6_IS_ADDR_LINKLOCAL(&dst6->sin6_addr))
- dst6->sin6_addr.s6_addr16[1] = htons(ifp->if_index);
-# endif
-
{
# if (__NetBSD_Version__ >= 106010000) && !defined(IN6_LINKMTU)
struct in6_ifextra *ife;
>Release-Note:
>Audit-Trail:
From: Edgar =?iso-8859-1?B?RnXf?= <ef@math.uni-bonn.de>
To: gnats-bugs@NetBSD.org
Cc:
Subject: Re: kern/52469: ipf fails to return-rst (or panics) on a IPv6
link-local-address
Date: Mon, 7 Aug 2017 16:21:15 +0200
The problem may or may not be related to kern/50168.
From: Edgar =?iso-8859-1?B?RnXf?= <ef@math.uni-bonn.de>
To: gnats-bugs@NetBSD.org
Cc:
Subject: Re: kern/52469: ipf fails to return-rst (or panics) on a IPv6
link-local-address
Date: Mon, 7 Aug 2017 16:26:08 +0200
On tech-net@, JINMEI, Tatuya suggested the following improvement:
I suggest using utility functions defined in scope6.c instead of
manually tweaking sin6_addr:
> + /* KAME */
> + if (IN6_IS_ADDR_LINKLOCAL(&u.dst6.sin6_addr))
> + u.dst6.sin6_addr.s6_addr16[1] = htons(ifp->if_index);
These two lines could (should) be:
if ((error = in6_setscope(&u.dst6.sin6_addr, ifp,
&u.dst6.sin6_scope_id)) != 0)
goto bad;
if ((error = sa6_embedscope(&u.dst6, 0)) != 0)
goto bad;
It tries to hide as many implementation details as possible, and also
covers other types of IPv6 scoped addresses (in practice unicast
link-local may be the only type you're interested in, but in principle
you'd need to expect it could be, e.g., a scoped multicast address).
State-Changed-From-To: open->needs-pullups
State-Changed-By: maya@NetBSD.org
State-Changed-When: Mon, 04 Jun 2018 10:43:37 +0000
State-Changed-Why:
This did get committed (thanks for the patch & report), but records did not go into GNATS.
It's ip_fil_netbsd.c:1.24 - 1.26, and is in netbsd-8 (pullup-8 #206), but not in netbsd-7
State-Changed-From-To: needs-pullups->closed
State-Changed-By: dholland@NetBSD.org
State-Changed-When: Wed, 09 Jun 2021 02:06:04 +0000
State-Changed-Why:
pullups to -7 are no longer relevant
>Unformatted:
(Contact us)
$NetBSD: query-full-pr,v 1.46 2020/01/03 16:35:01 leot Exp $
$NetBSD: gnats_config.sh,v 1.9 2014/08/02 14:16:04 spz Exp $
Copyright © 1994-2020
The NetBSD Foundation, Inc. ALL RIGHTS RESERVED.