diff options
author | Hannes Frederic Sowa <hannes@stressinduktion.org> | 2014-01-20 05:16:39 +0100 |
---|---|---|
committer | David S. Miller <davem@davemloft.net> | 2014-01-21 16:59:19 -0800 |
commit | 82b276cd2b0bacd58e7c307bf8856925a68c4d14 (patch) | |
tree | ffc8648efa91f83f81c94ac83447dc5246a835cf /include | |
parent | 446fab59333dea91e54688f033dd8d788d0486fb (diff) | |
download | op-kernel-dev-82b276cd2b0bacd58e7c307bf8856925a68c4d14.zip op-kernel-dev-82b276cd2b0bacd58e7c307bf8856925a68c4d14.tar.gz |
ipv6: protect protocols not handling ipv4 from v4 connection/bind attempts
Some ipv6 protocols cannot handle ipv4 addresses, so we must not allow
connecting and binding to them. sendmsg logic does already check msg->name
for this but must trust already connected sockets which could be set up
for connection to ipv4 address family.
Per-socket flag ipv6only is of no use here, as it is under users control
by setsockopt.
Signed-off-by: Hannes Frederic Sowa <hannes@stressinduktion.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'include')
-rw-r--r-- | include/net/ipv6.h | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/include/net/ipv6.h b/include/net/ipv6.h index 78d3d51..4f541f1 100644 --- a/include/net/ipv6.h +++ b/include/net/ipv6.h @@ -783,6 +783,8 @@ int compat_ipv6_getsockopt(struct sock *sk, int level, int optname, char __user *optval, int __user *optlen); int ip6_datagram_connect(struct sock *sk, struct sockaddr *addr, int addr_len); +int ip6_datagram_connect_v6_only(struct sock *sk, struct sockaddr *addr, + int addr_len); int ipv6_recv_error(struct sock *sk, struct msghdr *msg, int len, int *addr_len); |