On 04/01, David Woodhouse wrote:
> From: David Woodhouse <[email protected]>
>
> There is no need to listen on AF_INET sockets; a modern application can
> listen on IPv6 (without IPV6_V6ONLY) and will accept connections from
> the 20th century via IPv4-mapped addresses (::ffff:x.x.x.x) on the IPv6
> socket.
>
> Signed-off-by: David Woodhouse <[email protected]>
> ---
> net/ipv4/af_inet.c | 3 +++
> 1 file changed, 3 insertions(+)
>
> diff --git a/net/ipv4/af_inet.c b/net/ipv4/af_inet.c
> index dc358faa1647..3838782a8437 100644
> --- a/net/ipv4/af_inet.c
> +++ b/net/ipv4/af_inet.c
> @@ -240,6 +240,9 @@ int inet_listen(struct socket *sock, int backlog)
> struct sock *sk = sock->sk;
> int err = -EINVAL;
>
> + pr_warn_once("process '%s' (pid %d) is listening on an AF_INET socket.
> Consider using AF_INET6 with IPV6_V6ONLY=0 instead.\n",
> + current->comm, task_pid_nr(current));
> +
> lock_sock(sk);
>
> if (sock->state != SS_UNCONNECTED || sock->type != SOCK_STREAM)
> --
> 2.51.0
>
Does this also need to look at the proto? inet6_stream_ops seem to be
using inet_listen as well.
const struct proto_ops inet6_stream_ops = {
.family = PF_INET6,
.owner = THIS_MODULE,
.release = inet6_release,
.bind = inet6_bind,
.connect = inet_stream_connect, /* ok */
.socketpair = sock_no_socketpair, /* a do nothing */
.accept = inet_accept, /* ok */
.getname = inet6_getname,
.poll = tcp_poll, /* ok */
.ioctl = inet6_ioctl, /* must change */
.gettstamp = sock_gettstamp,
.listen = inet_listen, /* ok */
