diff mbox series

net: error on unsupported IP setsockopts in IPv6

Message ID 20220609152525.GA6504@debian (mailing list archive)
State Changes Requested
Delegated to: Netdev Maintainers
Headers show
Series net: error on unsupported IP setsockopts in IPv6 | expand

Checks

Context Check Description
netdev/tree_selection success Guessed tree name to be net-next
netdev/fixes_present success Fixes tag not required for -next series
netdev/subject_prefix warning Target tree name not specified in the subject
netdev/cover_letter success Single patches do not need cover letters
netdev/patch_count success Link
netdev/header_inline success No static functions without inline keyword in header files
netdev/build_32bit success Errors and warnings before: 0 this patch: 0
netdev/cc_maintainers warning 1 maintainers not CCed: edumazet@google.com
netdev/build_clang success Errors and warnings before: 0 this patch: 0
netdev/module_param success Was 0 now: 0
netdev/verify_signedoff success Signed-off-by tag matches author and committer
netdev/check_selftest success No net selftest shell script
netdev/verify_fixes success No Fixes tag
netdev/build_allmodconfig_warn success Errors and warnings before: 0 this patch: 0
netdev/checkpatch warning WARNING: line length of 87 exceeds 80 columns
netdev/kdoc success Errors and warnings before: 0 this patch: 0
netdev/source_inline success Was 0 now: 0

Commit Message

Richard Gobert June 9, 2022, 3:26 p.m. UTC 
The IP_TTL and IP_TOS sockopts are unsupported for IPv6 sockets,
this bug was reported previously to the kernel bugzilla [1].
Make the IP_TTL and IP_TOS sockopts return an error for AF_INET6 sockets.

[1] https://bugzilla.kernel.org/show_bug.cgi?id=212585

Signed-off-by: Richard Gobert <richardbgobert@gmail.com>
---
 net/ipv6/ipv6_sockglue.c | 12 ++++++++++--
 1 file changed, 10 insertions(+), 2 deletions(-)

Comments

Jakub Kicinski June 11, 2022, 5:16 a.m. UTC | #1 
On Thu, 9 Jun 2022 17:26:10 +0200 Richard Gobert wrote:
> The IP_TTL and IP_TOS sockopts are unsupported for IPv6 sockets,
> this bug was reported previously to the kernel bugzilla [1].
> Make the IP_TTL and IP_TOS sockopts return an error for AF_INET6 sockets.
> 
> [1] https://bugzilla.kernel.org/show_bug.cgi?id=212585

This is a little risky because applications may set both v4 and v6
options and expect the correct one to "stick". Obviously it's not 
the way we would have written this code today, but is there any harm?
Also why just those two options?
David Ahern June 11, 2022, 4:55 p.m. UTC | #2 
On 6/10/22 11:16 PM, Jakub Kicinski wrote:
> On Thu, 9 Jun 2022 17:26:10 +0200 Richard Gobert wrote:
>> The IP_TTL and IP_TOS sockopts are unsupported for IPv6 sockets,
>> this bug was reported previously to the kernel bugzilla [1].
>> Make the IP_TTL and IP_TOS sockopts return an error for AF_INET6 sockets.
>>
>> [1] https://bugzilla.kernel.org/show_bug.cgi?id=212585
> 
> This is a little risky because applications may set both v4 and v6
> options and expect the correct one to "stick". Obviously it's not 
> the way we would have written this code today, but is there any harm?
> Also why just those two options?

agreed, I do not believe this can be changed. The values will not be
used for ipv6 packets, so the exposure should just be a matter of
allowing the setting on a socket.
diff mbox series

Patch

diff --git a/net/ipv6/ipv6_sockglue.c b/net/ipv6/ipv6_sockglue.c
index 222f6bf220ba..2cdaa8f3a8f2 100644
--- a/net/ipv6/ipv6_sockglue.c
+++ b/net/ipv6/ipv6_sockglue.c
@@ -1012,8 +1012,16 @@  int ipv6_setsockopt(struct sock *sk, int level, int optname, sockptr_t optval,
 {
 	int err;
 
-	if (level == SOL_IP && sk->sk_type != SOCK_RAW)
-		return udp_prot.setsockopt(sk, level, optname, optval, optlen);
+	if (level == SOL_IP && sk->sk_type != SOCK_RAW) {
+		switch (optname) {
+		/* Some IP opts are not supported for IPv6 sockets */
+		case IP_TTL:
+		case IP_TOS:
+			return -ENOPROTOOPT;
+		default:
+			return udp_prot.setsockopt(sk, level, optname, optval, optlen);
+		}
+	}
 
 	if (level != SOL_IPV6)
 		return -ENOPROTOOPT;